Publication date: August 31, 2025

On August 28, 2025, the Polish Act of June 25, 2025, on the national cybersecurity certification scheme, entered into force, implementing Regulation (EU) 2019/881 of the European Parliament and of the Council of April 17, 2019, on ENISA (the European Union Agency for Cybersecurity) and cybersecurity certification in information and communication technologies and repealing Regulation (EU) No 526/2013 ( Cybersecurity Act ) (OJ L 151, 7.06.2019, p. 15 and OJ L 2025/37, 15.01.2025).

Regulation 2019/881 established a European cybersecurity certification framework, introducing the possibility of creating European certification schemes and common rules for obtaining certificates. Recital 69 of the aforementioned Regulation states: “It is therefore necessary to adopt a common approach and establish a European cybersecurity certification framework, specifying the main horizontal requirements for the European cybersecurity certification schemes to be developed and enabling the recognition and use in all Member States of European cybersecurity certificates and EU statements of conformity for ICT products, ICT services or ICT processes. […] This European cybersecurity certification framework should have a two-fold objective. Firstly, it should help to increase trust in ICT products, services and processes certified under European cybersecurity certification schemes. Secondly, it should help to avoid the proliferation of conflicting or overlapping national cybersecurity schemes, thereby reducing costs for undertakings operating in the digital single market.” Recital 70 further states: “The European cybersecurity certification framework should be established in a harmonised manner across Member States in order to prevent certification shopping practices due to differences in the levels of requirements in different Member States.”

Unification of certificates in the European Union?

Each certificate issued under a specific European cybersecurity program, as referred to in Article 2, point 9 of Regulation 2019/881, will be automatically recognized throughout the European Union. As indicated in the Council of Ministers’ justification for the adoption of the Act, Regulation 2019/881 requires all EU Member States to establish a national cybersecurity certification authority, which will oversee the market and monitor the correctness of certification activities. To implement the Regulation’s provisions, it was also necessary to introduce a procedure for the accreditation of entities authorized to issue certificates into the Polish legal system. The Act also provides for the introduction of a national cybersecurity certification scheme in areas not covered by European cybersecurity certification programs.

Pursuant to Article 1 of the Act on the National Cybersecurity Certification System, the Act specifies the organisation of the national cybersecurity certification system and the tasks and responsibilities of the entities comprising this system, including the method of supervising the activities of the entities comprising this system, controlling the activities of these entities and coordinating their activities.

The complex relationship between European and national certificates

The relationship between these models (the European and Polish certification systems), or between the Act on the National Cybersecurity Certification System and Regulation 2019/881, appears in some respects rather complicated, incomprehensible, or even chaotic. The problem with this provision appears to lie in the parallel operation of the national and European systems.

Under the Regulation, Poland will issue a European cybersecurity certificate as defined in Article 2, point 11 of Regulation 2019/881, a definition to which the Act on the National Cybersecurity Certification System refers. In addition to the European cybersecurity certification scheme (Article 2, point 9) and the related European cybersecurity certificate (Article 2, point 11), Regulation 2019/881 provides for a national cybersecurity certification scheme (Article 2, point 10).

The Act on the national cybersecurity certification system, specifically in Article 2, point 12, additionally mentions a national certificate defined as:

 a document confirming that a given ICT product, a given ICT service, a given ICT process, a given managed security service, a given cybersecurity management system or a given natural person has been assessed for compliance with the detailed requirements specified in the national diagram cybersecurity certification.

The concept of a national cybersecurity certification scheme is interesting because it is a way to expand the national cybersecurity certification program defined in Regulation 2019/881. A national cybersecurity certification program can only apply to ICT products, services, and processes, as well as managed security services. However, this definition leaves Member States without the basis to issue certificates covering individuals (e.g., cybersecurity experts) or security management systems under national certification programs.

For this reason, the Polish legislator created the concept of a national cybersecurity certification scheme in Article 2, point 13, which reads as follows: “national cybersecurity certification scheme – a national cybersecurity certification program referred to in Article 2, point 10 of Regulation 2019/881 and a comprehensive set of regulations adopted by a national cybersecurity certification authority, applicable to the certification of cybersecurity management systems or natural persons in the field of cybersecurity.”

What is the national cybersecurity certification system?

As indicated in Art. 3, paragraph 1: “The national cybersecurity certification scheme is a set of entities referred to in paragraph 2 and procedures related to certification […] under European cybersecurity certification schemes or national cybersecurity certification schemes and procedures for the certification of cybersecurity certification schemes or natural persons under national cybersecurity certification schemes […]”, and also in paragraph 2: “The national cybersecurity certification scheme includes: 1) the minister responsible for digitalization; 2) the Polish Centre for Accreditation; 3) conformity assessment bodies; 4) suppliers who subject their products, services, ICT processes or managed security services to a conformity assessment under a given European cybersecurity certification scheme or a given national cybersecurity certification scheme; 5) natural persons who subject their knowledge and practical skills to a conformity assessment under a given national cybersecurity certification scheme; 6) entities that subject the cybersecurity management systems they use to a conformity assessment under a given national cybersecurity certification scheme.”

The relationship between national cybersecurity certification schemes and European cybersecurity certification schemes is also governed by Article 57(1) of Regulation 2019/881. It states that: “national cybersecurity certification schemes and related procedures for ICT products, ICT services, ICT processes and managed security services that are covered by a European cybersecurity certification scheme shall cease to have effect on the date specified in the implementing act adopted pursuant to Article 49(7). National cybersecurity certification schemes and related procedures for ICT products, ICT services, ICT processes and managed security services that are not covered by a European cybersecurity certification scheme shall continue to exist.”

The distinction between a national certificate and a national cybersecurity certificate was outlined in the Council of Ministers’ justification for the act as follows: a national certificate will be issued for a product, service, ICT process, or managed security service, a security management system that ensures the availability, authenticity, integrity, or confidentiality of stored, transmitted, or processed data, or provided functions or services, at a level appropriate to potential cyberthreats, and minimizes known risks related to cyberthreats.

Therefore, possession of such a certificate will guarantee an adequate level of protection. In turn, a national cybersecurity certificate may be issued to an individual who possesses the knowledge and practical skills necessary to effectively perform cybersecurity tasks. Its holders will be able to stand out in the job market, and potential employers, including public institutions, will have proof of their competence.

Framework for the national cybersecurity certification system

Article 6 of the Act on the National Cybersecurity Certification System specifies that a product, service, ICT process, managed security service, cybersecurity management system, or an individual’s cybersecurity knowledge and practical skills may be subject to a compliance assessment in accordance with a given national cybersecurity certification scheme. Article 7 of the Act on the National Cybersecurity System specifies the requirements for issuing a national certificate.

These requirements include ensuring the availability, authenticity, integrity, or confidentiality of processed data or provided functions or services at a level appropriate to potential cyberthreats, and minimizing known risks related to cyberthreats. In the case of individuals, a national certificate may be issued to an individual who possesses the knowledge and practical skills necessary to perform cybersecurity tasks.

Methods for verifying whether the requirements are aligned with the appropriate cybersecurity certification scheme include: examination of technical documentation, audits, testing of specific properties, or performance analyses. In the case of individuals, competence will be verified through a knowledge and practical skills test (Article 8 of the Act on the National Cybersecurity Certification System). A national certificate may be issued for a period of no less than two years and no longer than five years. According to the justification for the act, this is due to the fact that cybersecurity is a rapidly evolving field, meaning that a certificate issued in the past may not necessarily correspond to the level of competence currently required. However, its validity must be sufficiently long to ensure the certificate continues to function and remains relevant in the market. The certificate’s validity can be extended (Article 10 of the Act on the National Cybersecurity System).

Obtaining a national certificate also entails certain obligations on the part of its holder, including reporting obligations to the conformity assessment body, as further specified in Article 12 of the Act on the National Cybersecurity Certification System. The act stipulates that technical documentation regarding the subject of certification must be retained for a period of 10 years following the certificate’s expiry. This is necessary for monitoring and, if necessary, auditing the proper functioning of conformity assessment bodies (Article 14 of the Act on the National Cybersecurity Certification System).

Creating national cybersecurity certification schemes

Pursuant to Art. 15 of the Act on the national cybersecurity certification system: The minister responsible for digitalization may specify, by regulation, a national cybersecurity certification scheme for selected ICT products, ICT services, ICT processes, managed security services, cybersecurity management systems or individuals, containing:

1) detailed requirements for ICT products, ICT services, ICT processes, managed security services, cybersecurity management systems subject to conformity assessment or individuals whose knowledge and practical skills in the field of cybersecurity are subject to conformity assessment;

2) detailed methods used to demonstrate that an ICT product, ICT service, ICT process, managed security service, cybersecurity management system or individual meets the requirements referred to in point 1;

3) detailed conditions for issuing, maintaining and extending the validity of national certificates;

4) detailed method of monitoring the compliance of ICT products, ICT services, ICT processes, managed security services, cybersecurity management systems or individuals with the requirements referred to in point 1, including mechanisms for demonstrating compliance with these requirements;

5) the detailed scope of technical documentation relating to certification and the method of storing and destroying this documentation;

6) the period of storing technical documentation relating to certification;

7) the period for which the national certificate is issued; 8) the template of the national certificate.

Accreditation and conformity assessment

Conformity assessment is performed by a conformity assessment body accredited to a given European cybersecurity certification program or national cybersecurity certification scheme. To assess the conformity of products, services, processes, managed services related to the security of cybersecurity management systems, and individuals, interested entities will need to obtain accreditation from the Polish Centre for Accreditation (PCA). The Polish Centre for Accreditation will inform the minister responsible for digitalization, no later than 14 days from the date of accreditation, of the granting of accreditation to a given European cybersecurity certification program or national cybersecurity certification scheme, as well as of any refusal, suspension, or limitation of the scope of accreditation to a conformity assessment body no later than 14 days from the date of the relevant decision. The Polish Centre for Accreditation supervises, within the scope of accreditation granted, conformity assessment bodies in the area covered by a given European cybersecurity certification scheme or a given national cybersecurity certification scheme, taking into account the requirements referred to in Art. 22 sec. 4 of the Act of 13 April 2016 on conformity assessment and market surveillance systems and the requirements specified in: 1) the annex to Regulation 2019/881, 2) European cybersecurity certification schemes, 3) national cybersecurity certification schemes (Art. 16 and 17 of the Act on the national cybersecurity certification scheme).

Assessment of compliance with the requirements of the European cybersecurity certification program

An ICT product, service, process, or managed security service (which therefore has a narrower scope) may be subject to a conformity assessment in accordance with a given European cybersecurity certification scheme based on an agreement between the provider and the conformity assessment body. The conformity assessment in question refers to one of the assurance levels specified in Article 52 of Regulation 2019/881. This agreement specifies, in particular, the ICT product, ICT service, ICT process, or managed security service to be subject to a conformity assessment, the scope of certification, the European cybersecurity certification scheme under which the European certificate is to be issued, the assurance level to which the certificate is to refer, the obligations of the parties related to certification, and the obligations related to the protection of information provided to the conformity assessment body, in particular the method of protecting trade secrets and other confidential information, including trade secrets, as well as the protection of intellectual property rights (Article 5 of the Act on the National Cybersecurity Certification System).

Article 49(7) of Regulation 2019/881 states that the Commission, on the basis of a scheme proposal prepared by ENISA, may adopt implementing acts establishing a European cybersecurity certification scheme for ICT products, ICT services, ICT processes and managed security services that meets the relevant requirements set out in Articles 51, 51a, 52 and 54. Those implementing acts shall be adopted in accordance with the examination procedure referred to in Article 66(1) and in paragraph 8 that “ENISA shall evaluate each adopted European cybersecurity certification scheme at least every 5 years, taking into account feedback received from stakeholders. Where necessary, the Commission or the ECCG may request ENISA to initiate the process of developing a revised scheme proposal in accordance with Article 48 and this Article.

Currently, one European cybersecurity certification scheme has been adopted, i.e. the European Cybersecurity Certification – the Scheme on Common Criteria (EUCC), effective from February 2025, applies to ICT products (hardware, software, components) and is based on the Common Criteria standard (ISO/IEC 15408). Such a certificate issued in Poland will be recognized throughout the EU. Other programs are in the preparation phase, including the European Cybersecurity program. Certification Scheme for Cloud Services (EUCS) for cloud services.

The role of the minister

The national cybersecurity certification authority, referred to in Article 58 of Regulation 2019/881, is the Minister responsible for computerization (Article 4 of the Act on the National Cybersecurity System). As part of the responsibilities imposed on the national government administration authority responsible for cybersecurity, the minister will conduct a number of administrative proceedings, including: granting consent to the issuance of European certificates referring to the “high” level; issuing authorizations to conduct conformity assessments where the certification program specifies specific requirements for assessment bodies; 3) withdrawing and limiting authorizations to conduct conformity assessments where the certification program specifies specific requirements for conformity assessment bodies; withdrawing a certificate referring to the “high” assurance level issued in contravention of the provisions of Regulation 2019/88 or the Act or in contravention of the provisions of the certification program; and imposing fines.

As part of the certification programs being developed by the European Cybersecurity Agency (ENISA), a procedure for introducing changes to the assessment methodology used by a conformity assessment body has emerged. Such an exception to the standard certification procedure requires the consent of the competent authority for cybersecurity. Therefore, it was necessary to establish an appropriate procedure in national legislation. Article 21, Section 1 of the Act on the National Cybersecurity Certification Scheme states: “If a given European cybersecurity certification program provides for the possibility of introducing changes to the assessment methodology to be used by a conformity assessment body, that body may submit a request to the minister responsible for digitalization to introduce changes to that methodology. The request shall include proposed changes to the assessment methodology to be used by the conformity assessment body, along with a justification.”

Artykuł New provisions on cybersecurity certification in Poland pochodzi z serwisu KIELTYKA GLADKOWSKI LEGAL | CROSS BORDER POLISH LAW FIRM RANKED IN THE LEGAL 500 EMEA SINCE 2019.

What is CSIRT GOV and what is its legislative environment

The Polish Computer Security Incident Response Team (CSIRT GOV), led by the Head of the Internal Security Agency, serves as the national CSIRT. The CSIRT GOV is responsible for coordinating the response process to computer incidents occurring in the area specified in Article 26, Section 7 of the Act of 5 July 2018 on the National Cybersecurity System.

The first European cybersecurity regulation is Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the European Union, known as the Network and Information System Directive (NIS). The directive imposes numerous obligations on Member States, primarily involving the establishment of appropriate institutions, the adoption of a national strategy for the security of network and information systems, and the introduction of cooperation mechanisms. This directive established a network of computer security incident response teams (CSIRTs).

The Act on the National Cybersecurity System, adopted by the Polish legislator on 28 August 2018, serves to achieve the objectives set out in the NIS Directive. Pursuant to Article 1 of the Act on the National Cybersecurity System, the act specifies: the organization of the national cybersecurity system and the tasks and responsibilities of the entities comprising this system, the method of exercising supervision and control over the application of the provisions of the act, as well as the scope of the Cybersecurity Strategy of the Republic of Poland.

The legislator, in principle, decided to create three teams:

• CSIRT GOV – Computer Security Incident Response Team operating at the national level, led by the Head of the Internal Security Agency,

• CSIRT MON – Computer Security Incident Response Team operating at the national level, led by the Minister of National Defence and

• CSIRT NASK – Computer Security Incident Response Team operating at the national level, led by the Scientific and Academic Computer Network – National Research Institute (Article 2 of the Act on the National Cybersecurity System).

The competence of CSIRT GOV and CSIRT MON is defined in Article 27 of the Act on the national cybersecurity system as follows: “CSIRT GOV is competent in the scope of incidents related to events of a terrorist nature, referred to in Article 2 point 7 of the Act of June 10, 2016 on counter-terrorist activities (Journal of Laws of 2024, item 92); CSIRT MON is competent in the scope of incidents related to events of a terrorist nature, referred to in Article 5 paragraph 1 point 2a of the Act of June 9, 2006 on the Military Counterintelligence Service and the Military Intelligence Service (Journal of Laws of 2023, items 81, 1834 and 1860).

One of the basic tasks of CSIRT NASK is to recognize, prevent, and detect threats to the security of public administration bodies’ ICT systems or ICT systems and networks covered by the uniform list of facilities, installations, devices, and services constituting critical infrastructure, as well as ICT systems of owners and holders of critical infrastructure facilities, installations, or devices, referred to in Art. 5b paragraph 7 item 1 of the Act of 26 April 2007 on Crisis Management.

CSIRT GOV Annual Report

CSIRT GOV has just published a report on the state of cybersecurity in 2024. The document comprehensively presents statistics on the number and types of incidents and threats, comparing them with data from previous years. It presents the most significant threats and undesirable cyber activity targeting the IT infrastructure of public authorities, critical infrastructure operators, and entities providing essential services. The report is based on an analysis of IT security incidents reported and identified by CSIRT GOV, data obtained using systems enabling autonomous threat detection, and information obtained from the Team’s active activities. The study also includes analyses of the changing cybersecurity landscape, significant trends, and potential security weaknesses.

The Report highlights at least two interconnected circumstances that seem to force reflection on the significance of cybersecurity threats and the systems designed to eliminate or mitigate them. On the one hand, it highlights the technological trend that is increasingly permeating our lives with each passing moment. The result is rapid digitization, which is taking place through the transfer of increasing amounts of data relating to citizens, public services, communications, and finances to the digital sphere. The undeniable convenience of such applications also means that cyberspace can be increasingly effectively used to launch attacks on a scale that seriously threatens the security of the state and its citizens.

The second factor is the geopolitical environment and context. On March 1, 2024, the CRP alert level for cyber threats was lowered from the previously applicable CHARLIE-CRP, the third of four alert levels, to the currently applicable BRAVO-CRP, the second alert level. This, however, means that we are still dealing with a state of heightened threat in Polish cyberspace, despite a slight reduction in the intensity of this threat. The changing landscape of conflicts between states was also highlighted. Unlike in the past, conflicts take the form of not only kinetic clashes but also involve the use of a full spectrum of tools, including those extending into cyberspace. Ultimately, they most often take the form of “hybrid operations or wars,” which can complement military actions, serve as an alternative, or serve as a precursor to a kinetic strike. For this reason, it is important to consider the broader context of emerging incidents.

2024 was a year of dual elections: local government and the European Parliament, which each time requires vigilance on the part of bodies like CSIRT GOV due to the much more widespread threat of disinformation. It is also necessary to ensure the proper functioning of the IT systems used to conduct elections, with citizens’ trust in the democratic process ultimately at stake.

CSIRT GOV Coordinated Incident Statistics

In 2024, a decrease in reports registered by the CSIRT GOV Team regarding potential ICT incidents was observed. Of the 17,439 reports, 3,991 were classified as actual ICT security incidents. In 2022, 26,753 reports and 4,959 incidents were recorded, followed by 19,888 reports and 4,676 incidents in 2023. These statistics do not include reports from the ARAKIS GOV system. The lack of data from ARAKIS, a dedicated, distributed early warning system for ICT threats occurring at the interface between internal networks and the internet, may be due to the need to separate these statistics, which will be discussed later in this article.

There are no significant differences in registered reports and incidents between individual quarters in 2024. However, the highest number of incidents was recorded in the second quarter, which was related to an increase in resource unavailability and the publication of sensitive data in open sources, i.e., leaks.

The CSIRT GOV team indicates that the factors that led to the decrease in incidents include: 1) proactive activities conducted by CSIRT GOV to increase user awareness through training; 2) reporting on identified vulnerabilities within the area of competence; 3) ongoing issuance of CSIRT GOV recommendations – appropriate to the CRP threat level; 4) regular distribution of compromise indicators for monitored campaigns; 5) periodic security assessments of IT systems; 6) the institution’s implementation of security solutions that mitigate attacks in their early stages.

Division of incidents reported by entities of the national cybersecurity system into categories

The highest percentage of recorded incidents, and the most significant increase, occurred in the Vulnerability category. The numbers for incidents in this category are as follows: 1,105 incidents compared to 993 in the previous year. This category refers to security vulnerabilities identified by the CSIRT GOV Team resulting from the vulnerability of resources and services accessible via the Internet by entities under the CSIRT GOV’s jurisdiction.

Vulnerability refers to a weakness in an IT system, e.g., in procedures, design, implementation, or internal controls, that can be exploited for unauthorized access, data destruction or disclosure, data alteration, system weakening, etc.

The next category is Publication. In this regard, there was a decrease in such incidents from 1,052 in 2023 to 902 in 2024. Publication refers to the disclosure of sensitive data through leaks, including login credentials for electronic services, private PGP keys, or information about the specifications of an institution’s IT infrastructure.

Among the activities recorded in the Social Engineering category, the GOV CSIRT Team identified phishing emails aimed at obtaining login credentials for electronic services or other sensitive data, infecting them with malware, or extorting funds. There was a noticeable and significant decline in incidents in this category. In 2024, 815 such incidents were recorded, compared to 1,362 in the previous year. A decrease was also noted in the

Unavailability category, which includes DoS / DDoS attacks (773 incidents in 2023 and 478 in 2024). The remaining, smaller categories, to which a similar number of incidents were assigned as in 2023, are Attack (325 in 2023 to 261 in 2024) – events recorded in this category included attempts to break security by exploiting vulnerabilities, bruteforce attacks, compromise of accounts and systems, and exfiltration of data from adopted IT resources, Cascade (235 incidents in 2024, category not presented in previous years) – referring to reports and incidents related to terrorist events, based on Article 27 of the Act on the National Cybersecurity System. These include all activities aimed at minimizing terrorist threats undertaken by CSIRT GOV in coordinating incident management.

Scanning, or reconnaissance of IT infrastructure to identify vulnerable systems and services, is a category that has seen an increase compared to the previous year (108 incidents in 2024, compared to 101 in 2023). This category includes incidents indicating the possibility of preparing offensive actions aimed at breaching security or compromising the availability of services. The two smallest incidents in terms of number of incidents are Content (53 incidents in 2023, 56 in 2024) and Virus (37 incidents in 2023, 31 in 2024). The former concerns incidents violating broadly understood public goods, such as information damaging the image of state entities or publishing disinformation content. This primarily includes the mass use of the image of persons holding leadership positions in the state, for example, to extort funds from citizens. The Virus category classifies incidents involving malware identified on workstations, servers, and network devices.

The report also includes data on the number of incidents reported by entities within the national cybersecurity system in 2024, broken down by sector. According to this data, the largest number of incidents occurred in the Institutions and Critical Infrastructure Operators sectors. The next sectors in terms of the number of recorded incidents were: State Authority, Office, Ministry, Other, and Service.

Social engineering campaigns in 2024

Social engineering campaigns identified by CSIRT GOV in 2024 most often involve attempts to obtain confidential data, such as login credentials, by impersonating various institutions (phishing), while creating various fictitious scenarios to lend credibility to requests, such as a password reset via a hyperlink sent in an email that led to a fake website. Among the most interesting social engineering campaigns cited by CSIRT GOV in the Report was a phishing campaign involving the sending of messages from a compromised email address belonging to a district office, with a terse subject line and content intended to give the impression that it was part of prior arrangements or correspondence between the sender and recipient. The messages contained attachments named additional (02).docx.exe or additional (03).docx.exe, which contained the Agent Tesla Trojan malware.

Another social engineering campaign, based on a similar theme, also stands out. The goal was to infect recipients’ devices with malware. The sender impersonated PGNiG Obrót Detaliczny sp. z o. o. in the email. The email, titled “PGNiG – Request for Offer: Suwalki Project 2025/2026,” was intended to intrigue the recipient and persuade them to interact with the attachment. The attached archive, titled “PGNIG Request for Offer: Suwalki Project 20252026.gz,” contained a VBS file with the same name. Analysis conducted by the CSIRT GOV team revealed that the script was responsible for downloading malware classified as the GuLoader Trojan from the mobiera.ro domain.

Since the end of August 2024, the CSIRT GOV team has received information about a phishing campaign in which an adversary impersonates the Chancellery of the Prime Minister to obtain login credentials for banking portals (officially used as a login method for government e-services such as mObywatel and Trusted Profile). The website in question was located in the environment.odszkodowanie-gov.com domain. The website used the image of the Chancellery of the Prime Minister and the style of the official government website, which is used by the state administration within the gov.pl domain. The website displayed information about a supposed compensation that every household was entitled to in excess of PLN 400. To receive these funds, users had to authenticate using a bank of their choice. After selecting a financial institution from the list, the fake bank’s website loaded, displaying a login panel.

The most important trends in social engineering attacks in 2024 include: the use of compromised email accounts of local, provincial, national or international institutions, including the takeover of government email accounts (including those in the gov.pl domain), the use of QR codes instead of classic links, allowing the bypassing of automatic scanning of potentially malicious content by email security filters, signing documents using services such as DocuSign and encouraging the display of shared documents on real services such as Microsoft SharePoint or Google Drive, and the use of the image (e.g. logo) of Polish and European law enforcement agencies to intimidate the recipient into taking appropriate action.

The threat from sponsored and hacktivist groups

Threats stemming from sponsored groups are typically characterized by a high level of technical sophistication and sophistication. A key characteristic of these groups is remaining hidden while simultaneously ensuring access to compromised infrastructure. Due to its geopolitical location, Poland is particularly vulnerable to these threats, stemming primarily from the activity of adversaries supporting primarily Russian goals or narratives. Furthermore, in 2024, attacks attributed to hacktivist groups continued to be a constant feature of the cyberthreat landscape. Unlike sponsored groups, these groups intensively published information about their activities on social media to reach the widest possible audience and thus promote their ideological goals. These groups focused their activities on DDoS attacks aimed at disrupting the availability of services and websites, a continuation of the activities from 2022 and 2023. In 2024, a wide range of APT activity was recorded, with the dominant actor in the CRP being the APT group known as APT28, also known as Fancy Bear, which, according to some sources, was actually part of the Russian GRU. ATPs pose a serious threat to the Polish state. ATP28’s mission is primarily to conduct espionage operations, and its targets primarily include government and military institutions, international organizations, and strategic sectors of the economy. ATP activity was characterized by the use of advanced, multi-stage techniques aimed at obtaining credentials, installing malware, and providing persistent access to victim systems.

Example of an ATP28 attack using… Windows Calculator

Perhaps the most spectacular attack involved the distribution of the HEADLACE malware. According to the report, the attack began with an email containing a malicious link, simulating an offer to sell a car from the diplomatic fleet. The email was sent from an email address in the bigmir.net domain, which indicated a Ukrainian email provider. The message encouraged users to open a link under the guise of an Audi car for sale, when in reality the link referred to a webhook.site website. The website’s script verified the value of the browser’s UserAgent header. If the victim was using a non-Windows system, a benign image was displayed; otherwise, a ZIP archive containing three files was downloaded to the victim’s computer: EXE, DLL, and BAT. The executable file had a double.jpg.exe extension to imitate a graphic file, as in previous campaigns. The image in question was a so-called decoy file:

Most interestingly, the file with the .jpg.exe extension was a copy of the authentic Windows Calculator application. However, the Windows Calculator was vulnerable to the so-called DLL Side-Loading technique. (Malware readily exploits the characteristics of dynamic link libraries ( .dll ). The fundamental characteristic of dll libraries is that they require a process to execute the code contained within them. This is where all the abuses in the form of injecting malicious .dll libraries into trusted program processes occur. If Windows or an installed application only checks the name of the .dll library to be loaded, without verifying the checksum or digital signature, it is possible to replace such a .dll library with a malicious one). The purpose of the library in question was to execute the last of the three files, a BAT script. As a result of executing the BAT file, a file with the .jpg20 extension was downloaded from a resource in the webhook [.] site domain using Microsoft Edge. This file was then transferred to another location, changing the file extension to .cmd using the script for execution. Following the attack, some artifacts were deleted to minimize the risk of detection. The final payload returned information from the victim’s workstation, including a list of files from the Desktop and Downloads folders, as well as the IP address.

What else is the ATP28 group responsible for?

ATP28 activity also included another type of phishing activity, involving impersonating email administrators and persuading users to provide their login credentials in a fake Outlook Web Access panel. In 2024, several such campaigns targeted government administrations, including password change panels in both Polish and English, as well as those designed to increase the size of email inboxes. This type of phishing is a classic method of obtaining sensitive data, and the effectiveness of the attack is related to the maturity of individual entities in terms of their cybersecurity measures, which are also within the actor’s area of interest.

Among the activities that most likely fit into the APT28 cluster of activity were password bruteforce attacks, spraying and credential stuffing email accounts and VPN services27 to gain access to email and other resources processed by employees of entities targeted by Russian-sounding APT groups. To conceal the attempted breach, the actor used access through anonymizing networks and residential proxies, using compromised network devices belonging to private users or small businesses, usually geolocated in the same country. In 2024, the actor also reportedly used the DCSync technique to mass replicate user login data within a domain controller, the so-called credential dump. This may result in ensuring the actor’s long-term access to the infrastructure by creating the so-called Golden Ticket -ui to carry out the Pass the Ticket attack. These activities are consistent with the group’s modus operandi, which, after gaining access to infrastructure, employs so-called living- off-the-land techniques, involving the use of available system tools to escalate privileges or exfiltrate data.

Hacktivists and Cybercrime

Following the outbreak of the war in Ukraine, numerous groups and collectives emerged, conducting a kind of guerrilla activity in cyberspace. The term “hacktivism” itself comes from a combination of the words “hack” and “activism,” and is—as the name suggests—the transference to cyberspace of the activities of activists fighting for various political or ideological goals. In the case of pro-Russian ” hacktivists ,” the motivation they present on social media is primarily support for Russian military actions and “punishing” NATO alliance members for their military support of Ukraine. The most well-known groups include Killnet , Anonymous Sudan (despite its name, it aligns with Russia’s narrative), Cyber Army of Russia Reborn , XAKNET, Solntsepek , UserSec , NoName057(16), Zarya , Beregini, and Z- Pentest. Their primary method of operation is DDoS attacks, usually technically unsophisticated but heavily publicized for propaganda purposes. In 2024, the CSIRT GOV team also recorded malicious activity targeting domestic entities, including attempted hacks into IIoT ( Industrial Internet of Things ) systems with remote access over the internet, including through HMI (Human-Machine Interface) panels. This is a new manifestation of hacktivist threats, which have somehow become a focus of interest for these groups. Attacks on such devices were often due to the lack of adequate remote access protection. These weaknesses were also noticed by hacktivist groups. These groups, taking advantage of online login panels, engaged in activities aimed at gaining unauthorized access, primarily through the use of default login credentials. This threat particularly affected facilities such as sewage treatment plants, water treatment plants, waste incineration plants, and facility management facilities.

In 2024, CSIRT GOV also noted cybercriminal activity, including Chinese groups belonging to the Quad7 botnet using vulnerable TP-Link devices. The botnet was used to anonymize attacks, including attempts to take over Microsoft 365 accounts. The UAC-0050 ( DaVinci Group) group also operated, conducting widespread phishing campaigns, including in Poland. Unlike APT groups, which strive to remain hidden and attack precisely selected targets, the DaVinci Group’s modus operandi is different. The group prefers broad attacks and pays little attention to effectiveness. An example of this type of attacks was a campaign recorded in 2024, in which messages were sent to recipients in Poland in Kazakh, which did not fit into any Polish context. This group was also responsible for a disinformation campaign from the end of 2024, in which false threats were sent to plant explosives on government buildings in Poland and Ukraine (as Fire Cells Group). It was a psychological operation intended to cause panic, not an actual attack.

Malware

The CSIRT GOV team analyzed over 15,000 files reported by entities in the national cybersecurity system, 650 of which were deemed malicious. The dominant categories among the analyzed malware samples in 2024 were HTML Phisher, Snake Keylogger, Formbook, and Remcos. HTML Phisher is used in phishing attacks. This type of software is most often distributed by sending victims spoofed emails containing HTML/HTM attachments. After opening the attachment, the user sees a page imitating the service (e.g., online banking or an email login panel). The page is designed to closely resemble the original website. An HTML Phisher attack is also dangerous because it is often able to bypass spam filters and can operate partially offline, as it is opened locally on the victim’s device. Snake Keylogger is software that records all keyboard input by the user. Of course, this also includes login credentials. Snake Keylogger is often distributed via malicious email attachments or as part of a bundle with other software. Once installed, it runs in the background and is often able to evade detection by standard antivirus programs.

Formbook is a popular infostealer malware that focuses on stealing user data, such as login credentials, files, and information stored in web browsers (e.g., saved passwords and cookies). Formbook is sold, among other things, as malware -as-a-service, making it easily accessible to cybercriminals. It is primarily distributed via infected attachments (e.g., PDF files, Office documents) or links in phishing emails. Once a computer is infected, Formbook saves data in hidden files and uploads it to attacker-controlled servers. This type of malware supports functions such as keylogging, taking screenshots, and downloading and executing additional files sent by the attacker. Another malware family is Remcos. Remcos is a remote administration tool that can be used to gain complete control over an infected system. This software allows it to perform a range of actions, such as keylogging, screenshots, webcam and microphone monitoring, and even run arbitrary programs and commands on the victim’s computer. Remcos was initially promoted as a legitimate computer management tool, but quickly became a popular tool used by cybercriminal groups. It is most commonly distributed through phishing campaigns, where victims are tricked into opening infected attachments. Its features include the ability to run in stealth mode, making it difficult for standard security systems to detect.

ARAKIS GOV

The ARAKIS GOV system, mentioned earlier, is included separately in the statistics for a reason. The system’s primary purpose is to detect and automatically describe threats occurring in IT networks based on the aggregation, analysis, and correlation of data from various sources. In 2024, the system generated 5,446,734 alerts, including 3,322,068 with urgent priority, meaning they required an immediate response from administrators. A small percentage of alerts were high and medium priority, while nearly 40% were low priority, meaning they were purely informational alerts regarding the current situation at the interface between the internal network and the internet. Each recorded alert has precise technical data allowing for its verification and is classified in detail by the system. 56.60% of alerts were type 1 (communication to malicious addresses). These alerts resulted from attempts to establish communication with IP addresses or domains deemed malicious or potentially posing a threat.

Safety Assessment Summary

One of the tasks carried out by the CSIRT GOV Team is to assess the security of government administration institutions’ information and communication systems and critical infrastructure. In 2024, in accordance with the plan adopted for this year, assessments were conducted at 14 institutions, assessing a total of 64 network/IT system segments and 26 domains/subdomains and websites. As part of the security assessments, the CSIRT GOV Team conducted a series of tests to identify significant vulnerabilities affecting the security of the assessed entities’ information and communication infrastructure. These tests included passive and active data collection, identifying vulnerabilities in the architecture of network systems and services, web applications, exploiting vulnerabilities, and analyzing the impact of social engineering. As a result of the security assessments, the CSIRT GOV Team identified a range of vulnerabilities, ranging from low to critical. Critical and high threats were identified as the most important groups of vulnerabilities. These vulnerabilities included, for example: outdated software versions present in a number of systems and services used by entities, primarily concerning Apache HTTP Server, OpenSSL, VMware, use of unsupported software versions (Microsoft Windows 2008 R2 std . – end of support January 14, 2020, Microsoft SQL Server 2008 R2 – end of support July 9, 2019, VMware 6.7.x – end of support November 15, 2023), anonymous access, without required authentication or based on default passwords, etc.

Security Assessment – Examples of detected vulnerabilities:

1. Unsecured access to the Docker API – Access equivalent to accessing the server as a user with the highest privileges – root.

2. Discovery of the primary domain administrator’s credentials on the sysvol share.

3. High-privilege MSSQL user – As a result of a Password Spraying attack, access was gained to a network share containing the source code of a web application. A configuration file containing the credentials of the MSSQL service user was found within the code structure. During reconnaissance of the database engine using the compromised credentials, it was discovered that this user had high privileges, allowing them to reconfigure the database server. This was used to execute commands directly on the operating system.

4. Credential disclosure through fuzzing and directory listing: The HP Web Jetadmin service version 10.5.114213 (10.5 SR1) was detected on port 8085/tcp. As a result of the fuzzing tools (wfuzz), unsecure access to the log directory was detected. By enabling the Directory listing option, it was possible to quickly identify resources in a given path and proceed directly to further analysis and attacks on subsequent resources.

5. RCE – Java DebugWireProtocol (JDWP): Java DebugWireProtocol (JDWP) is a protocol used for communication between the debugger and the Java virtual machine. It does not use any authentication and can be exploited to execute remote commands (Remote Code Execution, RCE).

6. Cross-Site Scripting (XSS): By sending a POST request to https://[redacted]/4ses/servlet/

MainServlet?wbts:page=core.search.results.list, it was possible to inject JavaScript code into the search_text parameter. The lack of server-side validation caused the injected code returned in the HTTP response to be executed by the victim’s browser (Reflected XSS).

7. Sensitive data was included in the application logs.

8. DEBUG mode was enabled in the production application.

To properly protect an organization against incidents related to supply chain attacks (depending on the type of cooperation between entities), appropriate security measures may include:

● Risk assessment – a process aimed at identifying, assessing, and managing risks in the existing supply chain, as well as its new/potential connections;

● Regular audits and inspections – tasks confirming or denying the supplier’s ability to safely perform contractual activities;

● Controlling necessary authorizations – an activity involving regular verification of granted resource authorizations, solely on the basis of the so-called Least Privilege;

● Business continuity planning – developing business continuity plans and mitigating the effects of an incident should it occur;

● Data encryption – encrypting data during transmission and storage to ensure its proper security;

● Continuous monitoring – the use of threat and incident monitoring and reporting systems to ensure prompt action;

● Selection of suppliers who meet standards, such as those developed by the International Organization for Standardization (ISO).

Artykuł CSIRT GOV Poland – Computer Security Incident Response Team recently published a very interesting and insightful report on the state of cybersecurity in Poland in 2024. pochodzi z serwisu KIELTYKA GLADKOWSKI LEGAL | CROSS BORDER POLISH LAW FIRM RANKED IN THE LEGAL 500 EMEA SINCE 2019.

In this article attention will be paid to the valuation of the company’s shares:

When is a stock valued at the day’s price?

When is a stock valued at its mid-year average price?

The topic will be analyzed from an economic perspective. Additionally, these aspects will include situations in which one of the previously mentioned valuations is used and why it works well in those situations.

Stock Valuation

Stock valuation is a key process for investors, allowing them to assess investment risk and helping them decide whether to buy or sell a stock. There are several stock valuation methods that provide information about whether a company is undervalued or overvalued.

The most popular share valuation methods:

1. The accounting method (net asset value) estimates the value of a company’s assets after subtracting liabilities, and divides the result by the number of shares outstanding. This method does not take into account future growth prospects and is therefore rarely used.

2. Liquidation method – assesses the value of a company’s assets in the event of its liquidation, i.e. the sale of all assets after paying off liabilities.

3. Multiples (comparative) method – this method relies on valuing the company relative to other companies in the same sector. Ratios such as price/earnings and price/book value are key here.

4. The DCF method assumes that the value of a company is equal to the sum of discounted future cash flows. This model is more complex, taking into account all relevant economic variables.

Intrinsic value of shares

If the IVA is higher than the market price, the stock is undervalued, suggesting a buy. If it is lower, the stock is overvalued, suggesting a sell.

Company valuation

A company valuation is necessary in many situations, such as during a sale, merger, creditworthiness assessment, or liquidation. Three main categories of valuation methods are used: asset-based, income-based, and comparable. Each method can be selected depending on the company’s business activity and economic conditions. Among the asset-based methods are the adjusted net asset method and the liquidation value method, which are particularly useful in the event of a company liquidation.

In summary, stock valuation is an important tool for investors to help them assess the true value of a company and make informed investment decisions.

Assets and liabilities are valued at least once per balance sheet date in accordance with the Accounting Act. Valuation methods depend on the type of assets and liabilities.

Asset valuation principles:

• Fixed assets and intangible assets: are valued at acquisition price or production cost, less depreciation and impairment losses.
• Real estate and intangible assets classified as investments: valued according to the principles relating to fixed assets or at market value.
• Fixed assets under construction: the valuation includes costs related to acquisition or production, taking into account write-offs for permanent impairment.
• Long-term shares and investments: valued at cost, adjusted for impairment losses or fair value.
• Short-term investments: valued at market value or cost, whichever is lower.
• Material current assets: at acquisition price or production cost, which cannot be higher than their net selling price.
• Receivables and loans granted: are valued at the amount due, in accordance with the prudence principle.

Principles of valuation of liabilities:

• Liabilities: are valued at the amount due, unless they are financial liabilities that can be valued at market value.
• Reserves: are valued at a reliably estimated value.
• Equity: valued at nominal value.

Additionally, assets and liabilities denominated in foreign currencies are valued at the average NBP exchange rate as at the balance sheet date.

If an entity is unable to continue as a going concern, assets are valued at their net realisable prices and a provision is made for potential losses associated with the liquidation of the business.

Stock valuation involves determining a stock’s value to identify which stocks are undervalued (to buy) or overvalued (to sell). There are several main valuation methods:

1. Income Methods: These rely on the company’s future earnings and project future cash flows to assess the value of a stock.

2. Cost and asset-based methods: These take into account the company’s assets, value of assets and liabilities to determine the value of shares.

3. Mixed methods: They combine different approaches, taking into account both the value of the assets and future income.

The key concept is the stock’s intrinsic value (IVA), which may differ from the market price due to market imperfections. Stocks are:

• Undervalued (market price is lower than PAH) – worth buying.
• Overvalued (market price is higher than PAH) – worth selling.

Source: Valuation Methods | Brokerage House of Bank Ochrony Środowiska (bossa.pl)

Stock valuation boils down to determining the value of a company, also known as its intrinsic value. The value of a single share is obtained by dividing the value of the company by the number of shares outstanding. For new share issues, the arithmetic or weighted average of the number of shares outstanding at the beginning and end of the reporting period is used.

The basis for company valuation is to take into account two values:

1. Company assets.

2. The company’s ability to generate future profits (goodwill).

Business valuation methods are divided into four groups:

1. Income methods – based on forecasting the company’s future income, updated as of the valuation date.

2. Cost- and asset-based methods – focus on valuing a company’s assets.

3. Comparative methods – based on market values of equity and debt.

4. Mixed methods – combine elements of the income and asset approaches.

Income-based valuation methods are based on forecasting the financial benefits a company can generate for its owner. Key steps include determining the company’s ability to generate income and forecasting this income in the future. These valuation methods include the discounted cash flow method , future earnings valuation, and dividend-based methods.

Source: Valuation Methods | Brokerage House of Bank Ochrony Środowiska (bossa.pl)

Where:

• W _D – income value of the enterprise being valued
• W _P – capital inflows in the nature of returns to investors
• W _W – capital expenditure of investors for the enterprise
• D _D – dividends
• D _I – other income of investors related to owning the enterprise
• q – discount factor
• t – years

The formula presented above is considered the only true one, although its practical implementation is unlikely. Therefore, solutions are used to simplify the general value formula.

Source: Valuation Methods | Brokerage House of Bank Ochrony Środowiska (bossa.pl)

Where:

• P – value of an ordinary share
• C _t – income from owning shares obtained in the t-th period
• r – required rate of return of the investor
• n – number of share holding periods

Income from owning common stock comes from two sources:

• changes in the share price during the investment period
• dividends (or other income, e.g. from subscription rights) obtained during the investment period

The disadvantage of this model is the difficulty of estimating future changes in the dividend and share price on the stock exchange.

In the case of an investor holding shares indefinitely, the formula becomes:

Source: Valuation Methods | Brokerage House of Bank Ochrony Środowiska (bossa.pl)

The dividend growth rate is crucial for stock valuation using the discounted dividend model. In practice, the Gordon-Shapiro model is most commonly used. In addition to estimating the required rate of return, there is also the issue of determining the dividend growth rate, denoted by g. Typically, past data is used and the formula: g = r _t r _e ,

Where:

• r _t – retention ratio calculated as the share of retained earnings in the company’s total profit
• r _e – rate of return on retained earnings, determined e.g. by the ROE (Return On Equity) ratio

The discounted dividend model, presented in formula (III), does not account for the fact that the value of a dividend received in the distant future is more uncertain than the value of a dividend received in the near future. This fact should be reflected in the stock valuation model.

One indirect way to account for this fact is to assume that the required rate of return is not constant but increases over time. This will cause the value of the dividend in subsequent periods to be reduced even more than would be implied by the time value of money at a constant interest rate. This reduction reflects uncertainty. The result is a model (called Gordon’s “bird in the hand” model ) , which is a generalization of the discounted dividend model:

Source: Valuation Methods | Brokerage House of Bank Ochrony Środowiska (bossa.pl)

The discounted cash flow (DCF) method is one of the most popular business valuation methods, which is based on the future cash flows generated by the company. Cash flow (Cash flows reflect the cash flows between the company and its environment (suppliers, customers, employees), excluding owners. If these cash flows are positive, they can be reinvested or paid out as dividends; negative cash flows require the use of reserves, which leads to a decrease in the company’s assets.

The DCF method assumes that a company’s value is equal to the sum of future, discounted cash flows available to equity holders. It comprises free operating cash flow (FOCF) and non-operating free cash flow (NCF), which together constitute free cash flow (FCF). Non-operating assets and residual value are added to this, leading to an estimate of the company’s gross value. After subtracting the market value of debt, we obtain net value, or the intrinsic value of equity.

One of the key elements of the DCF method is the discount rate, which is most often determined based on the weighted average cost of capital (WACC). Cash flows are forecasted for several years, after which a residual value is calculated, which takes into account the company’s future earnings after the forecast period ends.

Although the DCF method is widely used in business valuation, including during mergers and acquisitions, it has its drawbacks. Forecasting future cash flows and adopting an appropriate discount rate can be difficult and risky.

Fundamental analysis also uses other metrics, such as P/E ( price -to- earnings ratio), P/BV, P/S, P/CF, and D/S. These metrics help investors evaluate a company in comparison to its competitors and market trends.

Approaches such as EVA (Economic Value Added), which measures residual income after covering all costs of capital, and SVA (Shareholder Value Added), which focuses on the added value for shareholders resulting from investments exceeding the cost of capital, are also used to value companies.

Source: Valuation Methods | Brokerage House of Bank Ochrony Środowiska (bossa.pl)

Source: Valuation Methods | Brokerage House of Bank Ochrony Środowiska (bossa.pl)

Cost-based and asset-based methods, the oldest in the history of valuation, rely on assessing the value of a company’s assets, i.e., its assets less liabilities. This value is referred to as the company’s net asset value. These methods focus on analyzing net assets, i.e., the difference between total assets and debt.

The most important methods in this group include:

1. The balance sheet net asset valuation method measures equity based on the balance sheet, as the difference between assets and liabilities. This value often underestimates the true market value of a company, particularly its ability to generate profits. The market value of intangible assets, such as patents, licenses, or trademarks, can differ significantly from their book value.
2. The adjusted net asset method is a more advanced version of the balance sheet method. Here, the net asset value is adjusted for items whose balance sheet value requires updating. This takes into account, for example, differences between the book and market values of fixed and current assets.

These methods, despite their simplicity, often do not reflect the full market value of a company, especially in the context of its ability to generate future profits.

Source: Valuation Methods | Brokerage House of Bank Ochrony Środowiska (bossa.pl)

Where:

• W _P – company value
• A – carrying amount of assets (property components)
• K _A – adjustment to the carrying amount of assets
• P _O – external liabilities (carrying amount of external liabilities)
• K _Po – adjustment of the carrying amount of external liabilities

• The replacement method – informs about the amount of expenditure that must be incurred to recreate the existing potential in a given company.

The value of an enterprise using this method is calculated based on the formula:

Source: Valuation Methods | Brokerage House of Bank Ochrony Środowiska (bossa.pl)

Where:

• Wp – enterprise value,
• W _A – carrying amount of assets,
• △ _C – the difference between the amount of expenditure that must be incurred to create a new material potential and the balance sheet value of the assets,
• U _M – degree of technical wear and tear expressed by the degree of depreciation of assets.
• Liquidation method – allows us to answer the question of what net proceeds the company’s owners would have achieved if they had decided to liquidate it at the time of valuation.

In this method, the value of the company is calculated according to the following formula:

Source: Valuation Methods | Brokerage House of Bank Ochrony Środowiska (bossa.pl)

Where:

• W _p – enterprise value,
• W _LA – liquidation value of assets (the sum of funds that can be obtained from the sale of individual assets),
• Z – balance sheet monetary liabilities to be repaid,
• K _L – liquidation costs.

The method of valuing a company based on its asset value involves several difficulties:

1. Valuation of assets, especially intangible assets, is complicated.
2. The approach of treating a company as the sum of its components ignores the connections between them, which can lead to an incomplete assessment of value.
3. Focusing on asset replacement costs, rather than potential benefits, limits the valuation perspective.

Mixed methods combine asset and income approaches, assuming that the value of a company depends on both its assets and its ability to generate income.

The general concept of this relationship is expressed by the formula:

Source: Valuation Methods | Brokerage House of Bank Ochrony Środowiska (bossa.pl)

Where:

• W – enterprise value
• W ^M – property value
• Z – standardized annual profit
• r – capitalization rate
• a – weight factor

The most well-known mixed methods are:

1. Average value method – combines the asset and income approaches to obtain the average value of the company.
2. Additional profit methods – these include, among others, the year’s method purchase, Stuttgart and UEC, which are based on the additional profit of the company.
3. Methods of valuing unprofitable companies – such as the Schnettler method and methods taking into account badwill, which refer to companies generating losses.

Choosing the right method depends on several key factors:

• purpose and function of valuation,
• perspectives of the valuation entity,
• the economic situation of the enterprise,
• socio-economic conditions in the region where the company operates.

Stock valuation is crucial for investors to assess whether a stock is expensive or cheap. Stock analysts use various methods to perform this valuation and create recommendations, such as “buy” or “sell.” The main valuation approaches are income, comparative, and asset-based.

Income-based valuation methods focus on assessing a company’s future financial health, assuming that its value depends on future cash flows. Analysts forecast future earnings, revenues, and dividends, which allows them to estimate the stock’s value. The more accurate the forecasts, the more reliable the valuation. An example is the future dividend valuation method, which is based on the value of dividends the company will pay to investors.

Comparative methods involve analyzing ratios such as price to earnings per share (P/E) or price to book value (P/BV). These ratios are compared to other companies in the same industry, allowing us to determine how a given company’s stock compares to its competitors. Choosing the right companies for comparison is crucial, as discrepancies can distort valuation results.

Asset-based valuation methods are based on valuing a company’s assets less liabilities. This is the simplest approach, although it has been criticized for failing to consider the company’s ability to generate future profits. In some cases, a liquidation valuation is used, which estimates how much money shareholders would receive in the event of a company liquidation.

When analyzing stock valuations, it’s worth considering not only analyst recommendations but also carefully examining the company’s development plans and forecasts for the industry it operates in. This will help you better understand investment prospects.

When it comes to valuing shares on the balance sheet date, an entity that has not adopted micro status is entitled to more flexible asset valuation methods. According to the Accounting Act, micro entities must value their assets and liabilities at historical values, i.e., at purchase price, which excludes the possibility of using market value. To achieve micro status, an entity would have to decide to prepare simplified financial statements.

Since the entity in question did not opt for simplifications, it has the option of valuing shares classified as long-term assets in accordance with Article 28, Section 1, Item 3 of the Act. This means that financial assets should be valued at purchase price, with the option of revaluing to market value. If the value of the shares increases, this difference can increase the revaluation reserve, whereas if the value decreases, the effects of this action will have to be recorded as financial costs.

This approach allows an entity to adjust its share valuation to current market prices, which facilitates a more accurate representation of asset values in financial statements. This is crucial for making informed investment decisions based on realistic data about the value of shares held.

Valuing shares on the balance sheet date is a complex process that depends on their classification as short-term or long-term financial assets. For both categories, in accordance with the Accounting Act, shares are valued at purchase price less impairment losses or at fair value, which translates to market valuation.

Shares are issued by joint-stock companies and provide investors with property rights (e.g., the right to dividends) and non-property rights (e.g., the right to vote at the general meeting). The Act defines investments as assets acquired for the purpose of achieving economic benefits, which includes both appreciation in value and dividend income. Shares qualified for investment are classified according to their intended holding period: short-term (sale within 12 months) or long-term (sale after that period).

Pursuant to Article 28, Section 1, Item 3 of the Accounting Act, shares should be valued at cost or fair value no less frequently than on the balance sheet date. Costs associated with the purchase of shares, such as brokerage commissions, are included in the purchase price, while other costs, such as investment analyses, are classified as operating expenses.

If the value of shares changes, a revaluation must be performed on the balance sheet date. An increase in the value of shares to the market price increases the revaluation reserve, while a decrease in value reduces this reserve if the difference has not been previously settled. Otherwise, the effects of the decrease in value are recognized as financial expenses.

The examples illustrate the valuation principles. In the first case, the company holds shares with a market value below the acquisition price; the valuation effects are recognized as write-downs. In the second case, when the market value of the shares increases, the valuation effects are recognized as financial income.

The classification of shares as short-term or long-term financial assets influences their valuation. Entities that cannot or do not wish to apply detailed valuation principles can use the general provisions of the Accounting Act, which is advantageous for small entities.

Selling or buying a company is a process that requires precise decisions based on reliable data.

The Importance of Company Valuation

Company valuation is crucial in the context of purchases, sales, mergers, acquisitions, and tax procedures. This process includes analysis of the company’s financial condition, sector potential, customer structure, resources, and growth opportunities. A professional valuation increases the chances of attracting buyers and allows for informed investment decisions.

Valuation Methods

1. Income Method (DCF):
   1. It is based on future cash flows.
   1. Considered one of the most reliable methods, it uses financial forecasts and analyzes the company’s risk.
2. Market-Transaction Method:
   1. Compares the valued company with similar ones using market ratios (e.g. P/E, P/BV, EV/EBITDA).

Valuation Process:

1. Selecting the Valuation Objective:
   1. Key to further proceedings and method selection.
2. Data Acquisition:
   1. Collecting relevant information regarding the business model, finances and market environment.
3. Creating a Report:
   1. It includes a detailed analysis and valuation, as well as answers to customer questions.

DCF Valuation – Stages

• Business model analysis.
• Micro-environment and market research.
• Preparation of a financial model.
• Financial analysis and macroeconomic indicators.
• Valuation summary and report preparation.

Valuation Report

Contains:

• Valuation assumptions.
• Methodology.
• Key company data.
• Detailed financial analyses.
• Estimated value of the company and justification.

For a proper valuation, there need to be considered the following aspects:

• Do they have extensive experience in transaction advisory?
• Is it possible to adapt activities to individual needs?
• High quality and reliable valuations – what exactly does it look like?
• Identification of risks related to transactions – whether they are identified, and even more so whether the detection is carried out reliably.

Valuing a company’s shares based on the daily price and the six-month average is a key consideration in investment analysis and speculation. Each of these valuation methods has different applications and implications for investment decisions.

The spot price is the current market price of a stock, which reflects current market sentiment and reaction to news. Investors who follow the spot price typically have a more short-term perspective. This valuation method is preferred in situations where a dynamic response to market changes is important, such as during a day trading or short-term speculation.

Daily price / current price:

– It reflects current market conditions such as company news, macroeconomic changes, political decisions, and speculation.

– It is more volatile and can be susceptible to manipulation in the short term, which is important in the context of speculation.

– Used in transactional valuation, i.e. when selling or buying shares, where the current price is important.

Average price for half a year ( average Price ) is a method that smooths out short-term volatility and allows to take a longer-term view of a stock. It is a more conservative approach, often used in longer-term valuations, such as in financial reports or when assessing a company’s fundamental value.

Half-year average:

• It provides a broader market perspective, which means that investment decisions are based on more average data, which can reduce the risk of making decisions based on momentary price fluctuations.
• Minimizes the impact of short-term anomalies, such as one-off events affecting the stock price (e.g., crises, quarterly results).
• It may be a more stable indicator for long-term investors, pension funds or M&A transaction valuations.

Speculation and practical applications

From a speculator’s perspective, the choice between the daily price and the six-month average directly impacts investment strategy. Here are some examples:

• The daily price is ideal for short-term speculation, where investors try to capitalize on market volatility. Decisions based on this price are quick and responsive to current changes, increasing profit potential but also increasing risk.
• The six-month average is more appropriate for long-term investments because it minimizes the risk of momentary price fluctuations. This method is often used by investors who want to avoid short-term volatility.
• Speculators can manipulate the market based on the difference between the daily price and the six-month average. For example, they can push up or down stock prices for a short period of time, triggering reactions from investors who base their decisions on current prices.

Arbitrage – Investors can profit from differences in stock valuations based on the divergence between the current market price and its historical average, a common strategy among hedge funds.

When should a company’s shares be valued at the current price and when at the six-month average?

Valuing a company’s shares is a key element of market analysis, and choosing the right method influences investment results and strategic decisions. In practice, we most often encounter two approaches: valuation at the daily price (known as the market price or current price) and valuation at the six-month average. Each of these methods has its specific applications, and the choice depends on the investment context and the desired goal.

Valuation of shares at the current price

The daily price, also known as the spot price, reflects the current market valuation of a stock at a given moment. It is the price at which shares are bought or sold during a trading session.

Applications:

1. Short-term speculation:
2. Speculative investors often use the daily price because it is the most accurate and reflects the current state of the market.
3. Quick reaction to changes in stock prices allows speculators to take advantage of sudden price spikes to make profits.
4. Decisions based on current price are often correlated with technical analysis, trend indicators and market analysis tools.
5. Investment portfolio valuation:
6. In actively managed portfolios, where investors frequently trade, the daily price is the primary parameter for valuing assets. In such cases, quick adaptation to changing market conditions is crucial.
7. Settlement of stock exchange transactions:
8. For the settlement of purchase and sale transactions on the public market, the daily price is the basis for calculating the transaction value and commission.

Disadvantages and risks:

1. High volatility: Daily prices are susceptible to changes due to speculation, investor sentiment, and macroeconomic events. This can lead to wild fluctuations, making long-term forecasting difficult.
2. Emotional decisions: Investors, observing current price movements, may make decisions influenced by emotions, which leads to incorrect investment steps.

Share valuation at the half-year average

The six-month average price measures the average value of a stock over a specified period, which helps smooth out market volatility. This method is particularly useful for minimizing the impact of short-term market fluctuations on investment decisions.

Applications:

1. Long-term investing:
2. For long-term investors, a valuation based on a six-month average provides a more stable picture of the company’s value, avoiding sudden fluctuations.
3. The average price allows to better assess a company’s fundamentals while avoiding short-term market disruptions such as sudden corrections, political events, or other factors that may temporarily impact prices.
4. Planning the company’s strategy:
5. For company management or financial advisors, average-based valuation is useful for long-term planning and growth analysis. It offers a more balanced approach, helping assess financial health without being influenced by short-term fluctuations.
6. Valuation of management options and bonuses:
7. When executives are compensated through stock options, the average price is fairer because it eliminates the element of speculation and is more reflective of the long-term success of the company.

Disadvantages and risks:

• Limited response to changes: Using an average price can delay the response to dynamic market changes. This can lead to over- or underestimation during significant events, such as economic changes or mergers and acquisitions.
• Averaging: A valuation based on the average can mask serious problems for a company if the market currently values it significantly lower. This approach does not always reflect market reality.

Speculation and valuation – practical aspects

Choosing between the daily price and the six-month average price can also be a speculative strategy. Speculators, familiar with market dynamics, can use different valuation methods depending on their goals.

Short-term play: When a stock is trading at its current price, speculators may try to capitalize on short-term fluctuations, allowing them to make a quick profit at high risk.

Long-term speculation: Valuation at the six-month average can be used for more conservative speculation, where the investor hopes that the market price will return to the historical average.

Conclusions

Valuing stocks at the daily price and the six-month average are tools used in various investment contexts. The daily price is crucial for speculators and short-term investors, while the six-month average price is preferred for long-term investors, where stability is paramount. Choosing the right method depends on your investment goals, risk, and attitude toward market volatility.

Mark -to-market valuation of a company’s shares is a method of determining the value of assets (including shares) based on their current market price. This type of valuation has many applications in economics and finance, and the decision to use it depends on specific market conditions and the objectives of investors and fund managers.

Here are the main economic aspects to consider when analyzing the valuation of a stock at its current price:

1. Transparency and ongoing market value assessment

Daily price valuation provides the most up-to-date assessment of a company’s stock value. This is useful when:

• You want to know the exact value of your investment portfolio.
• You follow current market changes, which may influence your decisions to buy or sell shares.
• You analyze the current state of the market for management purposes, e.g. in investment funds or capital reserves.

• Application in short-term investment strategies

Daily price pricing is particularly important for speculators and short-term investors. It’s linked to dynamic share price movements, allowing for:

• Quick response to changing market conditions.
• Using day trading, swing trading or other short-term investment techniques that require quick decision-making based on current prices.
  • High volatility and market risk

High market volatility means that stock prices can change rapidly, which impacts investment decisions. Investors who use the price of:

• They can better adapt their decisions to current changes and reduce the risk of losses resulting from sudden price drops.
• However, they must be prepared to take higher risks arising from these fluctuations, which may lead to the need to monitor their investments more frequently.

• Financial reporting and regulations

Daily valuation is often required for asset valuations for financial reporting purposes, particularly by financial institutions such as investment funds and pension funds. Using this valuation method allows for:

• Better transparency for investors and regulators.
• Real-time assessment of the true value of assets.

• Comparison with long-term valuation (e.g. after a six-month average)

For long-term investments, daily valuation may not be appropriate because:

• It can introduce large fluctuations in portfolio value over short periods that do not reflect long-term trends.
• Long-term investors may prefer to value the stock at a six-month average, which helps mitigate the impact of short-term market movements and better reflect the company’s long-term potential.

• Speculation and valuation stability

For speculators looking to maximize profits in the short term, intraday pricing is more useful. It allows them to:

• Immediate response to market events, such as company financial results, macroeconomic or political changes.
• But it also carries greater risk due to sudden, unpredictable price changes.

In general, daily stock valuation is crucial when a current, market-based assessment of a stock’s value is needed. It is particularly useful for short-term investors and speculators who capitalize on dynamic market movements. However, its use also involves higher risk and greater volatility of asset values.

Examples of using daily price pricing can help illustrate how different approaches to this method impact investment decisions and portfolio management. Here are some specific examples from different markets and strategies:

1. Short-term speculator in tech stocks

Let’s assume an investor focuses on technology stocks such as Apple, Amazon, or Tesla, which are often characterized by high price volatility.

Example:

An investor buys Tesla stock on Monday morning at $240 per share. Later in the day, news breaks that Tesla is launching a new electric car model with revolutionary technology. Tesla’s share price jumps to $270 by market close.

By valuing the shares at the daily price, the investor can immediately estimate the profit:

Purchase price: $240

Closing Price: $270

Earnings per share: $30 ($270 – $240)

The investor decides to sell the stock at the end of the day, realizing an immediate profit. In this case, the daily price allowed him to react quickly to new information and realize a profit in the short term.

2. Investment fund monitoring portfolio daily

Investment funds, especially those managing highly liquid assets, often use overnight pricing to keep investors informed about the value of their portfolio.

Example:

The investment fund holds shares of several large companies from the S&P 500 index, including Microsoft, Apple, Alphabet (Google), and Johnson & Johnson. Following Apple’s quarterly earnings announcement, the company’s share price fell 5% overnight.

At the end of the day, the fund must mark -to-market all of its assets:

Apple shares fall from $190 to $180.

Microsoft shares rise from $300 to $305.

Other shares remain stable.

The fund’s management may inform its investors that the value of the portfolio has changed as a result of the decline in Apple prices, which may influence decisions on possible adjustments to the fund’s strategy.

3. Management of financial reserves by the company

For large companies that hold shares as part of their financial reserves, day-of valuation allows for accurate monitoring of the value of those reserves and for making management decisions.

Example:

The company has a $10 million investment in shares of energy company ExxonMobil . As a result of the changes in the oil market, ExxonMobil’s share price is down 3% on the day.

Portfolio value at the beginning of the day: $10 million

3% share price drop: $10 million * 0.03 = $300,000

End-of-day portfolio value: $9.7 million

Thanks to the day’s valuation, the company’s management knows that the value of the reserves has decreased by USD 300,000, which may prompt the company to decide to sell the shares or hedge against further declines, for example through derivatives.

4. Asset management in high volatility conditions

Investors who trade in highly volatile markets, such as cryptocurrency markets , often rely on day-of-the-day pricing.

Example:

An investor buys Bitcoin on Monday morning for $20,000. During the day, the price of Bitcoin rises to $22,000, but by the end of the day, it falls back to $19,500.

Purchase price: $20,000

Closing Price: $19,500

Loss per unit: $500 ($20,000 – $19,500)

An investor who values the price daily can decide whether to hold Bitcoin for an extended period (hoping for a trend reversal) or minimize losses and sell at closing. High volatility in the short term is a risk that investors must consider.

5. Regulations on the valuation of financial assets

Regulated pension and insurance funds often need to use spot pricing to provide current data on their investment portfolios to regulators.

Example:

The pension fund has 20% of its assets in healthcare stocks. Due to changes in drug reimbursement regulations, the share price of the pharmaceutical company Pfizer is falling 6% in a single day.

The fund must update its financial statements at the end of the day:

Pfizer stock value before the drop: $5 million

6% decrease: $5 million * 0.06 = $300,000

Value after probate: $4.7 million

In accordance with regulatory requirements, the fund must immediately update its reports and inform the supervisor of changes in the value of its assets.

Summary

In each of these examples, daily pricing enables rapid response to market changes. This is useful for portfolio management in volatile and speculative environments, as well as for asset monitoring by companies and funds that need to provide current information to investors and regulators.

Let’s look at each example in more detail, expanding on market mechanisms and practical implications.

1. Short-Term Tech Stock Speculator

Details:

Short-term speculators, also known as day traders operate in highly volatile markets, such as the technology sector. These types of investors rely on intraday price movements, reacting to news that can suddenly change the value of a stock. In the Tesla example above, the sudden announcement of a new car model with advanced technology triggered a rapid increase in demand for the company’s shares.

Economic explanation:

Short-term market valuations: In this situation, the stock price is directly influenced by newly emerging information and the immediate market reaction. Investors try to predict how a given event will affect the company’s future earnings and, consequently, the value of its shares.

Market psychology: Short-term speculators often use technical analysis tools (charts, indicators) to track trend direction. When Tesla announces a new product, the price increases are linked to expectations of increased sales and profitability for the company.

Timing: Daily pricing is key because the investor needs to know the exact value of their assets in real time to decide when to sell the shares and take a profit.

2. Investment fund monitoring portfolio daily

Details:

Investment funds that manage stock portfolios for individual and institutional investors must report the value of their portfolios on an ongoing basis. If a fund holds a variety of stocks, such as Microsoft, Apple, or Alphabet, earnings announcements can trigger changes in their valuations.

Economic explanation:

Mark-to-market: Investment funds must value their assets based on current market prices. This regulatory requirement allows investors to track the fund’s value on an ongoing basis. In the event of price volatility resulting from quarterly earnings releases, as in the Apple example, the value of the fund’s portfolio can change significantly.

Risk management: Changes in the value of individual company shares require portfolio managers to make decisions about whether to sell, buy, or rebalance their portfolio to minimize losses or maximize gains.

Investor Communication: Investors in mutual funds are kept up-to-date on the value of their shares. If the price of a stock, such as Apple, falls by 5%, fund managers must provide investors with information about the decline in the value of their shares, which may influence investors’ decisions about whether to continue investing in the fund.

3. Management of financial reserves by the company

Details:

Companies often hold investment portfolios as part of their financial reserves. By investing excess capital in stocks or other financial instruments, the company must monitor the value of these investments in real time to make appropriate financial decisions.

Economic explanation:

Liquidity Control: For large companies, the value of their investment portfolio directly impacts their cash flow and operating reserves. A 3% decline in ExxonMobil’s stock price reduces the value of their reserves, which can impact their ability to invest in other projects or meet current liabilities.

Diversification Strategy: Companies often diversify their portfolios by investing in different sectors (energy, technology, healthcare, etc.) to minimize the risk of a single sector declining in value. However, daily valuation provides them with a picture of how price changes in one segment impact their overall financial reserves.

Managing losses and gains: If there are significant declines in the value of shares, the company may decide to sell assets to realize capital losses (which may have tax benefits) or to protect itself against further declines.

4. Asset management in high volatility conditions

Details:

In highly volatile markets like cryptocurrencies , overnight pricing is a key tool for monitoring portfolio value and making quick investment decisions.

Economic explanation:

High volatility: The cryptocurrency market is characterized by significant price fluctuations over short periods. Investors purchasing Bitcoin can see its value fluctuate by several percent in a single day. By valuing it at the daily price, they can continuously monitor whether their investment is generating profits or losses.

Risk Management: High volatility also means high risk. Investors must react quickly to changing market conditions, for example, by selling assets when their value falls below a certain threshold (e.g., $19,500 in the example). Daily pricing allows for immediate action, which is crucial in such a dynamic environment.

Cryptocurrency investors often use short-term strategies like day trading or swing trading to capitalize on short-term price fluctuations. Daily pricing is an essential tool for monitoring the value of an investment and making buy or sell decisions.

5. Regulations on the valuation of financial assets

Details:

Regulated pension and insurance funds must use spot pricing to provide regulators and investors with current asset values.

Economic explanation:

Regulatory: Pension and insurance funds are required to report the value of their assets on an ongoing basis to ensure they have sufficient resources to cover future liabilities. Daily valuation provides them with an accurate picture of their portfolio’s value on a given day, which is crucial for meeting regulatory requirements.

Risk management: When a pension fund invests in stocks, such as those in the healthcare sector, and there is a 6% decline in Pfizer shares, the fund must update the portfolio value and potentially adjust its investment strategy to minimize the risk of further losses.

Transparency for investors: These funds must provide current information about the value of their assets to their clients. As stock market prices fluctuate, daily valuation ensures that investors and fund clients are informed about the current value of their investments.

Each of these examples demonstrates the importance of monitoring stock prices on an ongoing basis, especially in times of high volatility or regulatory constraints. Daily pricing allows for quicker responses to market changes, risk management, and better investment decision-making.

Analyzing a company’s stock valuation using the six-month or annual average price has many practical applications, particularly in the context of long-term investment decisions, assessing a company’s financial health, and risk management. Using the average price allows for a more balanced assessment of a stock’s value by eliminating the impact of short-term price fluctuations. Let’s look at a few situations when this method is worthwhile.

When do we use the half-year (or yearly) average price for stock valuation?

1. Fundamental analysis of long-term trends

In long-term fundamental analysis, the average share price over six months (or longer) is used to assess a company’s overall financial health and growth potential. Instead of focusing on short-term fluctuations, which may be the result of speculation or short-lived events, the average price provides a more stable picture.

Example: An investor is analyzing a company in the energy sector, which is subject to periodic fluctuations in commodity prices. Using the average price over the past six months, they can assess whether the company’s value is growing steadily or is subject to cyclical fluctuations. The average price allows them to assess whether the current trend (upward/downward) is part of a larger, long-term picture or a short-term anomaly.

Economic explanation:

Balancing fluctuations: The six-month average price allows investors to ignore momentary fluctuations that may be the result of speculation, unexpected news, or seasonal changes.

Assessing Long-Term Trends: A company’s value should be assessed based on its performance over the long term. The average price better reflects the overall direction of a company, as opposed to sudden spikes or declines.

2. Risk management by financial institutions

Banks and pension funds often use average stock prices to reduce the impact of short-term fluctuations on their portfolios. This allows them to better plan long-term investment strategies and protect themselves from excessive risk.

Example: A pension fund invests in shares of large, stable companies. Using the average share price over a six-month period, the fund can monitor the stability of its investments, reducing the risk associated with temporary fluctuations, such as those caused by speculation or temporary stock market declines. This helps avoid panic-driven investment decisions.

Economic explanation:

Portfolio stability: Pension and investment funds have long-term commitments to their investors. Analyzing average prices over a longer period allows for more stable asset management.

Avoiding overreactions: Using price averages reduces emotional or momentary market events that can lead to unsuccessful investments.

3. Calculating value for long-term transactions (e.g. acquisitions, mergers)

The average share price is also often used in calculations in mergers and acquisitions. A stock’s value based on an average price over six months or longer is more representative than the daily price, as it eliminates momentary fluctuations that can result from market sentiment.

Example: Company A plans to acquire Company B. Instead of basing the valuation on the current share price, which may be inflated by takeover rumors, the parties may agree to a valuation based on the average share price over six months to achieve a fairer deal value.

Economic explanation:

Representativeness: The average price better reflects the true value of a company over the long term, especially when the current share price may be inflated or deflated by speculation.

Minimizing risk: Using an average price eliminates the impact of short-term fluctuations, which is important for large transactions such as acquisitions or mergers where the stakes are very high.

4. Assessment of investment attractiveness in low-liquidity markets

In illiquid markets, where stock prices can fluctuate significantly over short periods, using the six-month average price helps investors assess how stable a company is. This can be especially important for small companies whose shares aren’t traded frequently.

Example: An investor is considering buying shares of a small company in the local market. Because the number of transactions is low, the share price often fluctuates due to single, large transactions. By analyzing the average price over six months, the investor can gain a more objective picture of the company’s value.

Economic explanation:

Avoiding the Impact of Low Liquidity: In low-liquidity markets, single trades can cause large price swings. Average prices over a longer period provide a better understanding of a stock’s true value by eliminating the impact of small, individual trades.

Reliable risk assessment: Average-price pricing gives investors greater certainty about the value of their investment, especially in less liquid and riskier environments.

5. Assessment of value for tax and accounting purposes

In some cases, particularly for companies and funds, valuing shares based on the six-month average price may be used for tax or accounting purposes. This helps avoid value spikes that could impact tax liabilities or reported profits.

Example: A company has an investment portfolio and must reconcile its value for accounting purposes at the end of the year. Using the average share price over the six-month period avoids a situation where a high price on the valuation date would inflate the portfolio’s value, which could lead to higher tax liabilities.

Economic explanation:

Minimizing the effect of volatility: Average-price valuation eliminates the impact of one-time events that could disproportionately impact the portfolio value and tax liability of the company.

Reliable asset valuation: The average price is more representative for accounting purposes because it provides a more stable picture of the asset value over the long term.

Summary

Valuing stocks based on the six-month (or annual) average price is particularly useful when investors or institutions want to avoid the influence of short-term fluctuations on their decisions. This method is often used in long-term analysis, risk management, mergers and acquisitions, in illiquid markets, and for accounting and tax purposes. Choosing this valuation method allows for more balanced investment decisions and minimizes the risk of short-term market anomalies.

Artykuł Valuation of company shares – analysis from the economic point of view pochodzi z serwisu KIELTYKA GLADKOWSKI LEGAL | CROSS BORDER POLISH LAW FIRM RANKED IN THE LEGAL 500 EMEA SINCE 2019.

Dynamic technological advancements have led modern businesses to operate in ways unforeseen decades ago. Computerization, in particular, without which modern business operations are inconceivable, has effectively broadened the horizons of many entrepreneurs, while simultaneously leaving room for abuse by cybercriminals. The protection of data stored on companies’ internal servers has become crucial. It should be noted that despite the efforts of both EU and national authorities, new threats are emerging in the field of personal data protection law, which may lead to violations not only of general provisions on the protection of personal rights but also of many other legal disciplines, such as copyright. The unprecedented mass digitization of artistic works has resulted in the inclusion of records of paintings, photographs, films, music, architectural designs, and many other manifestations of creative activity as data. From this perspective, the phenomenon of data laundering takes on a unique character and carries with it new threats.

What is data laundering?

Data laundering essentially involves transforming stolen data so that it can be sold or used by ostensibly legitimate databases. For such transformation to be possible, an organization must first obtain the data illegally, either by fraud or theft via malware. The laundering process itself boils down to three stages:

1. Establishing an organization that will face relatively few restrictions related to data processing due to its use for non-commercial or scientific purposes. These are most often non-profit organizations.

2. Perform data manipulation operations using new technologies (for example, randomizers). The goal of these operations is to modify the data in such a way as to make it more credible to potential buyers.

3. Selling data to other businesses or making it available to for-profit organizations that will then use it for commercial purposes.

It can therefore be seen that the entire process aims to make illegally obtained data appear devoid of any suspicion regarding its origin. It is important to note that data laundering can have a significant impact on individual rights, as expressed not only in the Personal Data Protection Act but also in the Copyright and Related Rights Act.

A specific type of data laundering involves exploiting artists’ creative work. Specifically, it involves processing data containing information about a work without the required authorization, in such a way that its reuse would be unrecognizable to others.

Controversy over data laundering under copyright law

It is worth pointing out from the outset that processing data related to works, as defined by the Copyright and Related Rights Act, creates an entirely new work, the disclosure of which would not constitute a direct infringement of the author’s moral rights. This is problematic, as in this situation, it is difficult to define the boundary beyond which the author would be able to bring a copyright lawsuit and effectively pursue claims.

The problem of defining the limits of using someone else’s work to create an entirely new work has become particularly pressing with the development of AI-based tools. These tools operate on the basis of a database composed of multiple works—a crucial element for ensuring the effective functioning of such tools in the future. Therefore, it is impossible to deny the significant contribution of authors to the existence of such models, for which they receive no remuneration. The key question becomes: how did the organizations training the AI tool obtain this data?

Under Polish law, an artist can freely dispose of their rights to their work unless the law provides other restrictions. Therefore, if they grant a license to an organization using an AI tool, it does not constitute an infringement of the artist’s copyright, as, in accordance with the principle of freedom of contract, the artist may authorize the use of their work for the purpose of training an AI tool.

The problem arises, however, when it comes to so-called fair use, regulated in Articles 23-35 of the Copyright and Related Rights Act. These provisions are based on vague terms that require appropriate interpretation. In such a situation, it is necessary to examine the specific case based on the evidence collected. To date, there are no judgments in Poland that would establish a specific line of jurisprudence regarding fair use based on AI tools, but certain conclusions can be drawn from the rulings of foreign courts.

One of the rulings addressing the issue of fair use for someone else’s work that may impact the legal situation of organizations using AI-based tools is the U.S. Supreme Court ruling of May 18, 2023, in the case of Andy Warhol Foundation for the Visual Arts, Inc. v. Goldsmith et al. The Supreme Court emphasized that when determining the legality of fair use, the similarity between the original and secondary works is not the only factor that matters. The manner in which the resulting copy is used is also crucial – its use solely for research purposes or by a non-profit organization will be considered differently than if the direct or indirect purpose is to generate profit.

Another lawsuit, this time closely related to the use of AI-based tools to create new works based on a database containing information about existing, original works by artists, is Andersen et al. v. Stability AI Ltd et al. The lawsuit was filed by artists accusing three companies – Stability AI, Deviant Art, and Midjourney – using their works without the creators’ consent to train AI-based tools. According to the plaintiffs, the works created using these models are derivative of the artists’ original works and are essentially copies, the use of which constitutes copyright infringement. The main counterargument that the court will have to consider is the aforementioned fair use issue, because despite the artists’ position that the generated works are merely copies of existing works, the defendants will attempt to prove that AI-based tools create transformative results that differ significantly from the original works.

Conclusions

Data laundering in copyright law is a problematic phenomenon. The primary reason for this is the novelty of AI technology and the insufficiently precise legal provisions that could be applied to determine the legality of using works created using AI tools based on datasets containing information about the works of other creators. Undoubtedly, recognizing the dynamic development of AI, legislators should strive to shape regulations so that courts can issue the most equitable judgments possible. It cannot be denied that without artists’ contributions to their work, tools like Stable Diffusion would be unable to function due to the lack of sufficient data needed to train the model. At the same time, it is important to note the partially valid argument that the resulting work is not a copy in the strict sense of the word. Therefore, defining the boundaries of fair use is crucial in this matter, because without clear criteria, the market for tools generating works will remain a gray area, which is never desirable.

Artykuł Data laundering and the threat it poses under copyright law pochodzi z serwisu KIELTYKA GLADKOWSKI LEGAL | CROSS BORDER POLISH LAW FIRM RANKED IN THE LEGAL 500 EMEA SINCE 2019.

VAT crimes

The term “carousel fraud” refers to a characteristic scheme in which goods, after passing through a series of related entities, ultimately end up back at the original supplier. This mechanism allows perpetrators to conceal the actual transaction and generate undue tax benefits, most often by fraudulently obtaining VAT refunds or avoiding their payment. A key feature of VAT is its neutrality, so it should not impose an additional burden on taxpayers who do not consume the purchased goods or services but use them for business purposes. However, the structure of this tax makes it particularly vulnerable to abuse. In accordance with the principle of the free movement of goods, the supply of goods between European Union (EU) countries is subject to a 0% VAT rate. VAT carousels involve the use of complex transaction mechanisms embedded in the value added tax structure to avoid paying output tax or to unlawfully obtain a refund. These activities take the form of fictitious economic transactions, which involve the apparent movement of goods between entities located in different Member States. This can be very high, especially with relatively small financial outlays by the fraudsters, as the fraud involves goods that are repeatedly exported and returned to Poland.

An example of a carousel fraud in the EU: Company A from Poland sells goods to the Netherlands. At this point, the VAT rate is 0%. A Dutch entrepreneur then sells the same goods to an Italian company. Ultimately, the goods are sold at a below-market price to Poland, applying a zero rate. These goods did not even have to be physically transported from Poland, so the transaction participants do not incur any transportation or storage costs. The entity required to declare and pay VAT fails to pay it and disappears before preventive measures are taken.

Carousel fraud is the most serious type of tax crime in the EU. A study on missing trader fraud estimated that at least €13 billion was lost to intra-EU VAT carousel fraud, based on previously detected product categories. The scale of this practice, the difficulty of detecting it, and the significant budget losses involved make combating carousel fraud a key challenge for Member State tax authorities and EU institutions. The criminals’ activities result in significant depletion of Member State budgets. A number of EU measures have been introduced to combat VAT carousel fraud. These include, among others, enhanced administrative cooperation between Member States, transparency provisions for payment service providers, and the proposal for a new digital real-time reporting system based on e-invoicing as part of the VAT in the Digital Age package.

Tax Carousels in Polish Law

Polish law does not specifically address tax carousels. However, such activities may constitute criminal and fiscal offenses. In terms of substantive law, the Penal Code and the Fiscal Penal Code are of key importance, while procedures are regulated by the Code of Criminal Procedure and the Fiscal Penal Code.

Substantive Law

Fiscal Penal Code

Tax fraud is defined in Article 56 of the Fiscal Penal Code. It is the taxpayer who self-assessed tax who submits a declaration containing a statement of actual expenses incurred and revenues earned and assesses the qualification of taxes as deductible. Behavior involving the dishonest performance of activities related to the self-assessment procedure is penalized. Accordingly, a taxpayer who, when submitting a declaration or statement to a tax authority, another authorized body, or a tax remitter, provides false information or conceals the truth, or fails to notify of a change in the data covered by the declaration, thereby exposing the taxpayer to tax depletion, is subject to a fine of up to 720 daily rates or imprisonment, or both (Article 56 §1 of the Fiscal Penal Code). It is not necessary to demonstrate that the perpetrator’s conduct resulted in a depletion of the state budget. It must be demonstrated that, in the circumstances of the specific case, there was a high probability of such a depletion. However, given that the obligation to file a tax return or declaration in most cases coincides temporally with the obligation to pay tax, in practice, Article 56 of the Fiscal Penal Code will be linked to the actual occurrence of tax depletion. To be considered a tax offender, there must be a causal link between their action and the risk of tax depletion, as well as a normative link, i.e., a legally binding attribution of responsibility for that action. An act constitutes a tax misdemeanor if its value does not exceed five times the minimum wage at the time of its commission—otherwise, it constitutes a tax offense (Article 53 §3 and Article 56 §3 of the Fiscal Penal Code). Therefore, Article 56 of the Fiscal Penal Code serves to ensure compliance with the obligations imposed by substantive tax law.

Moreover, Article 62 of the Fiscal Penal Code concerns violations of accounting procedures. As in the previous case, in cases of lesser gravity, the act constitutes a fiscal misdemeanor, while in other cases, it constitutes a fiscal crime. The penalty for this act depends on the nature and seriousness of the violation of obligations related to documenting the transaction. The issuer of a so-called “empty invoice,” as obligated to pay the tax indicated therein, always violates Article 62 § 2 of the Fiscal Penal Code, as the issuer of an inaccurate invoice, thereby undermining the tax obligation (Supreme Court judgment II KK 347/07).

Additionally, Article 76 of the Fiscal Penal Code describes the act of unjustified tax refund and the corresponding penalties. Anyone who provides false information or conceals the truth, misleading the tax authority and exposing it to an undue tax refund (including VAT), is subject to a fine of up to 720 daily rates, imprisonment, or both (Article 76 §1 of the Fiscal Penal Code). If the amount subject to an undue refund is insignificant, the perpetrator is subject to a fine of up to 720 daily rates (Article 75 §2 of the Fiscal Penal Code). In any case, when tax law regulations are used to obtain a specific benefit, and the benefit is provided based on these regulations by misleading the competent authority, a tax liability is violated (Supreme Court judgment II KK 347/07). Misrepresentation may occur through providing information that is inconsistent with the actual state of affairs or by concealing the actual state of affairs. In the first case, it matters whether the perpetrator provides unreliable data or, while presenting accurate data, incorrectly classifies it from the perspective of tax law provisions relevant to refunds – in both cases, this constitutes providing data inconsistent with the actual state of affairs. In the second case, concealment of the actual state of affairs occurs when the content of the declaration, statement, application, or other document does not include all the data relevant to establishing the existence and determining the amount of the VAT refund. If the amount does not exceed the statutory threshold, the perpetrator is liable for a tax offense and is subject to a fine for the offense (Article 75 §3 of the Fiscal Penal Code). Otherwise, the act qualifies as a tax offense.

Additionally, Article 33 of the Fiscal Penal Code provides for the forfeiture of financial benefits obtained from committing a fiscal offence. If it is impossible to impose the penal measure of forfeiture of the financial benefit, the penal measure of recovery of its monetary equivalent is imposed (Article 33 §1 of the Fiscal Penal Code).

Penal Code

Fraud (Article 286 of the Penal Code), which involves causing another person to dispose of property to an unfavorable extent by deception, misleading, or exploiting their inability to properly understand the action, is punishable by imprisonment for a term of six months to eight years. Unlike Article 76 of the Fiscal Penal Code, Article 286 of the Penal Code is universal in nature. However, the possibility of these provisions operating together refers precisely to a situation in which the perpetrator, acting for financial gain, allows the tax authority to pretend, using fictitious documents or other actions, that a basis for obtaining a tax refund of a public law liability exists, misleads the tax authority, and thus obtains a tax refund of a public law liability (undue VAT refund). The rules for excluding multiple assessments apply only in the event of a confluence of provisions; they do not apply in the event of a perfect confluence of prohibited acts (Supreme Court Judgment I KZP 19/12).

Article 270a of the Penal Code states that anyone who forges or alters invoices in order to use them as authentic is guilty of material invoice forgery, which carries a penalty of up to 8 or 20 years in prison (depending on the value of the invoices). Criminal liability is based on the mere act of forging or altering an invoice (or using such a forged or altered invoice) – regardless of the resulting reduction in tax liability.

Intellectual invoice forgery is enshrined in Article 271a of the Penal Code – issuing or using documents containing false information relevant to tax obligations. Depending on the scale of the offense, the penalty can range from a fine to up to 20 years in prison. Particularly severe sanctions are provided for the so-called VAT crime (Article 277a of the Penal Code), which covers the forgery of invoices with a total value exceeding ten times the amount of property of great value (PLN 10,000,000). The perpetrator faces a penalty of 5 to 15 years in prison, and in extreme cases, even 25 years. However, if the offense is deemed less serious, the maximum penalty is 5 years in prison. The harsh penalties stem from the fact that value added tax fraud, most often perpetrated by organized crime groups, exposes the state budget to losses of tens of billions of zlotys annually. In situations where the act meets the criteria of Article 271a or 277a of the Penal Code, criminal liability should be based exclusively on these provisions, to the exclusion of Article 62 § 2 of the Fiscal Penal Code, as they constitute lex specialis. In other cases, particularly concerning invoices of smaller value, it is appropriate to apply Article 62 § 2 of the Fiscal Penal Code, which, as a special provision, excludes liability under Articles 271 and 273 of the Penal Code. However, post-2013 case law allows for the simultaneous assignment of criminal and fiscal criminal liability for the same act (Judgment of the Supreme Court II KK 295/13). This means that in practice, cumulative qualification may occur, which is consistent with Article 8 of the Fiscal Penal Code. Pursuant to Article 277b of the Penal Code, in the case of perpetrators convicted of invoice forgery (270a, 271a, 277a of the Penal Code), a fine imposed in addition to a prison sentence may be imposed in the amount of up to 3,000 daily rates. The legislator considered severe sanctions to be an effective way to counteract, among other things, tax carousels, as the deterrent effect is important.

It should be emphasized that participation in an organized criminal group (Article 258 of the Penal Code) constitutes criminal liability for the mere fact of participating in a criminal structure aimed at committing tax crimes. The penalty can range from 6 months to 8 years’ imprisonment, and in the case of the group leader, from 2 to 15 years. Each entity involved in a VAT carousel fraud has a precisely defined role – no such operation can function without an organizer, a missing taxpayer (front), a buffer (intermediary), a broker, and a leading company. Article 258 of the Penal Code penalizes both those who collude in committing a crime and those who collude before committing it. Collusive behavior by multiple individuals prior to committing a crime also includes collaborating within multi-person organizational structures created for the purpose of committing a crime (including VAT carousel fraud).

Tax Carousels in EU Law

In the EU, tax policy falls within the competence of the Member States. However, because VAT carousels typically involve entities in more than one country, combating this type of crime is a shared responsibility of the Member States and the EU. Missing Trader Intra – Community (MTIC) fraud is regulated, among other things, by Directive (EU) 2017/1371, which establishes minimum standards for criminal offenses and sanctions aimed at protecting the EU’s financial interests. With respect to VAT revenue, this directive applies only to serious infringements of the common VAT system, i.e., when the crime covers the territory of at least two Member States and causes total losses of at least EUR 10 million.

Regulation (EU) 2018/1541, amending Regulation (EU) 904/2010 and Regulation (EU) 2017/2454, is important for improving VAT administrative cooperation in the EU. It provides Member States with additional tools to combat MTIC fraud more effectively, such as common risk analysis and improved information exchange between tax administrations.

Artykuł Tax Carousel Fraud – missing trader fraud – Polish and EU legal aspects pochodzi z serwisu KIELTYKA GLADKOWSKI LEGAL | CROSS BORDER POLISH LAW FIRM RANKED IN THE LEGAL 500 EMEA SINCE 2019.

Exit fee is a fee for transferring assets, functions or risks between related entities. It can be understood as remuneration for the transfer of important functions, assets or risks. It is paid during business restructuring, either once or periodicall

On 30 January 2025 there has been issued important interpretation of the Director of the Polish National Revenue Information in respect of exit fee and tax consequences.

The case in the individual interpretation of the Director of the National Revenue Information of January 30, 2025 concerned a Polish limited liability company which, as part of the strategic decisions of the capital group, took over the production function from its German shareholder, covering the production of specific products (in this case, caps). As part of this restructuring, the company acquired a production line as fixed assets, but in addition undertook to pay the “exit fee” for taking over the production potential and the related potential to generate profits. This remuneration was determined on the basis of an independent analysis of the economic value of the transferred functions.

Exit-fee as a cost of obtaining income?

The company’s doubts concerned whether such an expense could be recognized as a cost of obtaining income, and if so, when it should be recognized in the tax accounting. The company argued that the remuneration was not part of the purchase price of fixed assets, but was economically justified and was used to generate income in the future by increasing production capacity. Therefore, it should have the right to recognize it as a cost of obtaining income other than directly related to revenue, i.e. a so-called indirect cost, settled once at the time of incurring – on the day the cost was recognized in the accounting records based on an invoice.

The Director of the Polish National Revenue Information agreed with the company’s position. The Director of the National Revenue Information considered that the “exit fee” met the conditions specified in art. 15 sec. 1 of the Polish CIT Act, and therefore was incurred in order to generate revenue, was rationally justified, was properly documented and was not excluded from tax costs under art. 16 sec. 1 of this Act. At the same time, the authority confirmed that the expense was not a direct cost, because it cannot be assigned to a specific revenue from a given product or sale, but is related to business activity in general and to future revenue potential. Therefore, it should be treated as an indirect cost, deductible on the date of its incurrence, in accordance with art. 15 sec. 4d and 4e of the Polish CIT Act.

The autonomy of tax law in relation to accounting principles was also clearly emphasized. The method of settling the exit fee in the books does not affect its tax classification. The exit fee was intended to compensate the Seller for the lost earning potential and to transfer to the Applicant the ability to generate profits.

In this case, the “Exit fee” is an equivalent for resigning from the production function and transferring it to another company from the capital group. The seller, who resigned from production, received a fee from the company (Applicant) for transferring the potential to generate profits and sales.

From the point of view of the application of the “exit fee”, it is used within the framework of intra-group restructuring of activities, especially in capital groups operating at the international level. Changing the functions, risks and assets between related entities is often associated with the need to pay remuneration so that the transaction is in accordance with the arm’s length principle, as referred to in Art. 11c of the Polish CIT Act and the provisions of the Regulation of the Minister of Finance of 21 December 2018 on transfer prices in the scope of corporate income tax (§16-18).

Calculation of exit-fee  — reflecting market conditions  — Fair Value

The Exit Fee calculation is based on the assumption that the transaction reflects market conditions. A key element of this calculation is the use of the concept of Fair Value. The Fair Value valuation assumes the perspective of two independent parties acting in good faith, without coercion, with equal access to information and operating in an open market. The analysis should consider how independent market participants would set the price in a given transaction.

Exit-fee subject to passive cost tax on shifted income? How to value exit-fee.

In practice, this may mean that the exit fee is treated as a passive cost that may be subject to taxation under the so-called tax on shifted income.

If the exit fee is subject to this tax, its rate is 19% of the tax base, and the obligation to show it in the tax return lies with the taxpayer. In this case, the tax should be shown in the CIT-8 declaration and the CIT/PD appendix (concerning income tax on shifted income).

Valuing a company in accordance with the guidelines of the Organisation for Economic Co-operation and Development (OECD) is a complex process that should be carried out by a professional company with the appropriate experience in this field. This type of analysis requires knowledge not only in the field of finance and accounting, but also law and economics. Valuation experts must take into account such elements as future cash flows, asset value, market condition and the risk associated with the company’s operations. To ensure transparency and reliability of the process, the valuation for exit fee purposes should be carried out by independent and competent entities.

Valuing a company in the context of an exit fee is a time-consuming process. According to the applicable regulations, if the fee exceeds the threshold of PLN 2 million, the company will be required to prepare transfer pricing documentation. This is an additional step aimed at ensuring compliance with regulations regarding intra-group transactions.

Discounted cash flow (DCF) method/ Royalty exemption method

Income and cost methods are mainly used to determine the exit fee. One of the most commonly used income methods is the discounted cash flow (DCF) method, which involves estimating the future cash flows generated by the company, which are then discounted to their present value. As a result, an estimated value of the fee is obtained.

In the case of valuing intangible assets such as know-how, a trademark or a patent, the royalty exemption method is used. This technique allows determining the value of these assets based on the potential savings that the company would achieve if it did not have to pay for licenses to use these resources.

However, when customer relationships are a key element of a company’s value, specialists may decide to use the multi-period excess earnings method (MPEEM), which allows for estimating value based on the long-term profit potential generated by these relationships.

In Polish law, there is no clearly defined exit fee payment threshold in the sense of a minimum amount above which this fee should be paid. However, in terms of documentation obligations, the exit fee in intra-group transactions may be associated with the requirement to prepare transfer pricing documentation if the value of this fee exceeds a certain transaction threshold.

In accordance with transfer pricing regulations, this obligation applies to transactions whose value exceeds PLN 2 million in the case of transactions involving services or trade in goods and PLN 10 million in the case of transactions involving fixed assets.

If the transaction related to the transfer of the production line (as well as the related exit fee) exceeds the transaction thresholds (PLN 2 million), the company will be required to prepare transfer pricing documentation to demonstrate that the transaction is conducted on market terms.

In turn, if the value of the transaction related to the exit fee exceeds the threshold of PLN 10 million, more detailed reporting may be necessary as part of broader intra-group documentation.

It is also worth adding that these provisions are applied within the framework of general transfer pricing principles, which means that each transaction between related entities, including those related to exit fee payments, may be subject to the obligation to prepare appropriate documents if they exceed the above thresholds.

If the exit fee value falls within this framework and also concerns the restructuring of the business in the capital group, In accordance with Articles 11a-11h of the CIT Act, related enterprises must conduct transactions on market terms, in accordance with the arm’s length principle. This documentation will have to include the valuation methodology (e.g. income or cost method) and confirmation that the transaction is conducted on market terms.

The provisions of the Corporate Income Tax Act (CIT) constitute the basis for the settlement of all transactions concerning the transfer of assets, including the production line.

According to Article 12, Section 1 of the Polish CIT Act, the company’s income is generated when assets (including a production line) are sold to another company. The exit fee in this case will be treated as income from operating activities (if it is directly related to operating activities, e.g. transfer of assets as part of restructuring).

In the case of transfer of a production line and the related exit fee, the costs of obtaining income must also be settled. According to Article 15 of the CIT Act, costs related to the transfer of assets, including depreciation and write-offs, may be recognized as costs of obtaining income. The value of the assets being sold (including the production line) should be recognized as a cost of obtaining income, and any differences between the sale price and the book value of the assets (the so-called profit or loss from the sale of assets) will be included in the tax settlement. Expenses related to the preparation of the transaction (e.g. fees related to the valuation of assets, advisory costs) may be recognized as costs of obtaining income, provided that they are directly related to the process of transferring the business (Article 15, paragraph 1).

When transfer pricing documentation is obligatory

If the transaction related to the exit fee exceeds PLN 2 million (transaction value), it is mandatory to prepare transfer pricing documentation that demonstrates that the fee is set in accordance with market conditions. This documentation should include, among others:

• Description of the transaction,
• Value of transferred assets,
• Selecting the appropriate valuation method (e.g. income method – DCF, comparative method).

The value of the transferred assets (production line) should be determined taking into account the future cash flows generated by these assets, as well as other relevant factors, such as the risk associated with the activity, the state of the market or the potential to generate profits.

One valuation method for assets with future cash flows (such as production lines) is the DCF (discounted cash flow) method. It allows to determine the value of assets based on the projected cash flows that the assets will generate, discounted to their present value.

In the case of a production line, the valuation may include, among others:

• Expected cash flows from production,
• Value of other assets related to production,
• Operating costs and potential changes in cost structure.

In relation to the exit fee, the ruling of the Director of the National Revenue Information of 21 April 2021 (ref. 0111-KDIB1-2.4010.24.2021.3.DP) is also important. According to this ruling, the exit fee may be recognised as a cost of earning income because it is related to generating income as part of the transaction (in this case, the transfer of a production line as part of restructuring). It was also indicated that:

• The exit fee is treated as an operating expense and its payment may be included in the costs of obtaining income, provided it is related to the company’s generation of income,
• Expenses related to the exit fee have not been excluded from the costs of obtaining income under Article 16 section 1 of the CIT Act, so they can be included in costs on the date they are incurred.

If the consideration for the withdrawal of the business (in this case the exit fee) exceeds the transaction thresholds, it may be subject to the so-called tax on transferred income, in accordance with the provisions of the CIT Act. The exit fee may be considered an expense related to the transfer of income to a related entity and be subject to taxation at the rate of 19% (CIT rate), if certain conditions are met.

After the transaction, the company should include the exit fee in the CIT-8 tax return and CIT/PD (if it concerns the tax on shifted income). The return should include:

• Income from exit fee,
• Costs associated with transferring assets,
• Any income tax payable if the transaction is subject to shifted income tax.

The remuneration for the transfer of business in connection with the transfer of the production line should be accounted for and taxed in accordance with the provisions of the CIT Act. According to these provisions, the exit fee may be recognized as income, and the costs related to the transfer of assets (including depreciation of the production line) as costs of obtaining income. In addition, if the value of the transaction exceeds the transaction thresholds, it is necessary to prepare transfer pricing documentation and check whether the transaction meets the requirements for taxation of transferred income.

Determining the income and time of transaction

The basis for settling the remuneration for the withdrawal of the business and the exit fee in the context of corporate income tax (CIT) is to determine whether the transaction constitutes income and what the costs of obtaining income will be.

In accordance with the provisions of the CIT Act:

Exit fee or remuneration for the sale of a production line constitutes income at the time of the transaction (Article 12, Section 1 of the CIT Act). The income should be recorded at the time of the transaction, i.e. upon receipt of payment or conclusion of the agreement. Therefore, remuneration for the withdrawal of the business, treated as operating income, is subject to income tax.

The costs of obtaining income related to the exit fee may include the book value of the transferred assets (e.g. a production line), expenses related to the transaction, such as advisory costs, valuations, negotiations – provided that they are directly related to the company’s operations.

Pursuant to Article 15 of the CIT Act, costs related to the transfer of assets may be recognised as tax deductible costs, provided they are related to operating activities and were incurred for the purpose of earning income.

If, after the transaction, there is a profit from the sale of assets, it will be taxed at 19% CIT rate (standard CIT rate in Poland).

Profit from sale = income from the transaction (remuneration for transferring the production line) – cost of obtaining income (book value of assets, expenses related to the transaction).

According to Article 21, Section 1 of the CIT Act, if the exit fee is paid by an entity registered abroad (e.g. a German company) and passes through a Polish company, it will not be subject to withholding tax, because the exit fee is not considered income from consultancy services or income from other services that would be subject to such tax.

In the case of transfer of assets within a capital group, there may also be a need to pay income shifting tax, when the transfer of valuable assets involves the transfer of income to related entities, including abroad. If this happens, the tax is 19% of the tax base (Article 24b of the Polish CIT Act).

The settlement of the remuneration for the transfer of business and the exit fee should be carried out both for accounting and tax purposes, because accounting requires recording the income from the sale of the production line and the related costs of obtaining income, as well as taking into account any depreciation. However, for tax purposes, the remuneration for the transfer of assets (including the exit fee) is treated as income, which is subject to CIT, while the related costs may be included in the costs of obtaining income.

The consideration for the transfer of business (including exit fee) as part of the transfer of the production line should be accounted for in accounting and tax purposes, both in the context of revenues and costs of obtaining revenues. It is also important to ensure compliance with transfer pricing regulations, especially in the case of intra-group transactions.

International accounting standards

In accordance with international accounting standards IAS (International Accounting Standards) and IFRS (International Financial Reporting Standards), as well as the national regulation, which is the Accounting Act, the process of settling the remuneration for the transfer of a business (including the transfer of a production line) must take into account specific rules for recognizing revenues, costs and the impact on the financial result.

In the case of disposal of fixed assets, such as a production line, the accounting process depends on several important issues. In short, disposal of fixed assets involves the need to:

• Recognizing sales revenue when the transaction is completed (e.g., an asset sale agreement).
• Recognizing the costs of obtaining income associated with the disposal of these assets (e.g., book value of assets, transaction costs).
• Demonstrating a gain or loss from the sale of assets that will affect the company’s financial result.

Revenue from the sale of fixed assets is recognized when the sale agreement is concluded and the consideration is received. In accordance with IAS 18 (International Accounting Standard 18 – “Revenue”), revenue is recognized when:

• There is a transfer of risks and rewards associated with asset ownership.
• The value of the revenue is determined and the enterprise has obtained certainty as to the amount of payment received (e.g. payment has been made or the entity obliged to pay is able to pay it).

Costs of earning income related to the disposal of assets include all costs directly related to the transaction, as well as the book value of the assets that were disposed of. According to IAS 16 (International Accounting Standard 16 – “Property, plant and equipment”), the book value of the transferred assets should be recognized as an expense. Additionally, transaction-related costs, such as valuation costs, legal advice, negotiation of the sale agreement, may also be recognized as transaction costs if they are directly related to the transfer of assets.

The book value of assets is their original value (acquisition cost) less depreciation that they were subject to over their useful life. If the assets have been fully depreciated, their book value is zero.

The financial result from the sale of assets (so-called profit or loss on disposal) is calculated as the difference between the revenue obtained from the sale and the book value of the assets that were sold and the costs associated with the transaction.

• Profit from sale = Proceeds from sale of assets – Book value of assets – Transaction costs
• Loss on sale = Book value of assets – Proceeds from sale of assets – Transaction costs

The profit or loss from the sale must be shown in the income statement as part of the company’s operating result. A profit from the sale of fixed assets will increase the company’s financial result, while a loss will decrease it.

Polish Accounting Act

The Accounting Act in Poland regulates the details of the method of accounting for revenues and costs related to fixed assets, including the transfer of a production line. According to the provisions of the Act, the following principles should be applied:

According to art. 3 sec. 1 item 13 of the Accounting Act, revenues from the sale of fixed assets (e.g. a production line) should be recognized at the time of conclusion of the contract, and their amount is determined by the value of the received consideration. These revenues are included in the financial result as operating revenues.

According to Article 15 of the Accounting Act, the costs associated with obtaining revenue from the sale of fixed assets include all costs directly related to this transaction. The value of transferred assets should be reflected in the accounting records as a cost related to their sale.

If the production line was previously depreciated, the depreciation should be terminated upon disposal of the assets. The book value of the assets at the date of sale will include the depreciation deductions made up to that point. After the sale, the company will no longer continue to depreciate these assets.

In the case of disposal of fixed assets, such as a production line, the company should also ensure that the transaction is properly documented.

Documentation of transaction

According to IAS 10 (International Accounting Standard 10 – “Events after the balance sheet date”), each transaction that affects the financial statements should be properly documented.

• a sales contract must be prepared,
• asset transfer protocol must be drafted,
• invoices or other proof of payment must be issued.

All documents relating to the transaction should be stored in a manner that allows for control and audit.

In the case of transfer of assets within a capital group, the application of OECD guidelines on transfer pricing becomes crucial. OECD recommends that transactions between related entities should be carried out on market terms (the so-called arm’s length principle). This means that the value of the exit fee and other remuneration related to the transfer of assets should correspond to the market value of such transactions.

If certain transaction value thresholds are exceeded (e.g. PLN 2 million), companies should prepare transfer pricing documentation and demonstrate that the transaction was conducted on market terms.

If the transaction related to the transfer of the production line (as well as the related exit fee) exceeds the transaction thresholds (PLN 2 million), the company will be required to prepare transfer pricing documentation to demonstrate that the transaction is conducted on market terms.

Individual tax interpretations under Polish law

The Polish Act of 29 August 1997 – Tax Ordinance – finds significant application in the case of an individual interpretation regarding remuneration for the withdrawal of a business, issued by the Director of the National Revenue Information in January 2025. It regulates the principles of issuing such interpretations, specifying that the taxpayer may request an explanation of the tax consequences of a specific event (Article 14b). In the analyzed case, the company enquired whether the remuneration paid for taking over the production function can be recognized as a cost of obtaining income.

The Tax Ordinance also provides the so-called protective function of the interpretation – if the taxpayer complies with an individual interpretation, they will not suffer negative tax consequences, even if the interpretation changes later (Article 14k-14n). Additionally, the provisions of the Ordinance allow for appealing against an unfavourable interpretation to an administrative court (Article 14e). The Tax Ordinance provides procedural and protective support for the taxpayer, enables obtaining a binding interpretation and secures its application against possible tax consequences.

Artykuł Exit fee and tax consequences – recent interpretation of National Revenue Centre in Poland. How it is used within the framework of intra-group restructuring of activities. pochodzi z serwisu KIELTYKA GLADKOWSKI LEGAL | CROSS BORDER POLISH LAW FIRM RANKED IN THE LEGAL 500 EMEA SINCE 2019.

What is the prohibition of discrimination?

The prohibition of discrimination at work is included in Article 18^3a) of the Labour Code and in the Constitution in Article 32, which requires equal treatment in all aspects, including those related to work.

Discrimination may be related to;

• gender,
• age,
• disability,
• race,
• religion,
• nationality,
• views,
• origin,
• religion or sexual orientation
• either due to employment for a fixed or indefinite period or on a full-time or part-time basis.

The above criteria are not socially acceptable and any unjustified unequal treatment of employees is considered discrimination.

Direct and indirect discrimination

Direct discrimination

It concerns the relationship between an employer and an employed employee. It occurs when the employer treats the employee in a different way than other employees, which is caused, for example, by refusing to hire a woman because of her gender. It is also harassment. It occurs on the basis of the prohibited criterion listed in art. 18^3a par. 1 of the Labor Code, or because of employment for a fixed or indefinite period or full or part-time.

Indirect discrimination

We encounter indirect discrimination in a situation where there are large disproportions in the establishment or termination of employment relationships for all, a significant number of employees or a significant number of members of groups that may be affected by discrimination, e.g. lack of access to training for women.

How can discrimination manifest itself?

Discrimination may manifest itself through violations related to the catalogue of equal treatment, e.g. through refusal to enter into or terminate an employment relationship, unfavourable employment conditions, unfavourable remuneration or omission from participation in training that improves qualifications. A manifestation of discrimination may be the way in which a temporary employee is treated, for example encouraging others to discriminate against him.

It manifests itself in harassment, abuse, and behavior that violates the employee’s dignity, introducing a humiliating and hostile atmosphere. Two conditions must be met for the act to be punishable under the Labor Code – a negative atmosphere and a violation of dignity.

Differences

The Supreme Court in its judgment I PSKP 27/21, accepted that there is a significant difference between unequal treatment of employees and their discrimination. Discrimination is exclusively an action directed at people from the group mentioned above.

The case law has assumed that discrimination against the employee is required to claim compensation. Despite the fact that these two principles are closely related, violating them by the employer differs in the consequences that may result from the acts committed. According to the Supreme Court judgment, Case No. I PK 54/17, discrimination means treating an employee worse because of some of their features or characteristics, whereby a comparison is made with other people in the same factual and legal situation. These two concepts are often confused because discrimination is not always the same as unequal treatment of other employees. In the case of unequal treatment, the conditions of the discriminated person are not met, but simply a violation against other employees, not because of gender or race.

Employee protection rights

The Supreme Court’s case law (judgment of 3 September 2010, I PK 72/10, OSNP 2012 no. 1-2, item 4) clarified that the employee should indicate facts that substantiate the allegation of unequal treatment in employment, and then the burden of proof passes to the employer. The employer must prove that they were guided by objective premises (art. 183b § 1 of the Labor Code ). It should be mentioned that according to case law from before 7 September 2019, compensation is due only in the event of discrimination (art. 18^3d of the Labour Code). In the event of unequal treatment, compensation will be due on the basis of the provisions of the Civil Code. In the later legal status, art. 18^3d of the Labour Code will apply to obtaining compensation in both cases.

In the event that an employer terminates an employment contract unlawfully, the employee may file an appeal against the termination to the labor court. In the event of an unjustified appeal, the court may rule on the ineffectiveness, reinstatement of the employee, or compensation.

In what cases is an employer entitled to terminate an employment contract without notice?

Pursuant to Article 52 of the Labor Code, the Employer may do so in situations where;

1)            The employee committed a serious breach of basic employment duties;

2)            The employee has committed an offence that makes it impossible to continue to employ him in his current position, if the offence is obvious or has been confirmed by a final judgment;

3)            There is a loss of qualifications necessary to perform work in the position held, through the employee’s fault.

ESG compliance and discrimination

One of the pillars of preparing ESG reports in the field of sustainable development is focusing on relations with employees and checking whether employers respect employee rights and whether the opportunities for men and women in the company are equal. Working conditions and human rights are also important.

Employer’s obligations

The employer must remember that the salary paid to a foreigner cannot be lower than the minimum wage.

The employer must conclude a contract with a citizen of Ukraine and provide him with a translation of the contract that he will understand.

According to Article 94 of the Labor Code, the employer is obliged to;

2b)         counteract discrimination in employment, in particular on the grounds of gender, age, disability, race, religion, nationality, political beliefs, trade union membership, ethnic origin, denomination, sexual orientation, as well as employment for a fixed or indefinite period or on a full-time or part-time basis;

– Providing employees with provisions on equal treatment at work in written form.

Employee dismissals due to origin – Legality of actions

REGULATION (EU) No 492/2011 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 5 April 2011 on freedom of movement for workers within the Union

Article 7

1. A worker who is a national of a Member State may not, in the territory of another Member State, be treated differently from national workers by reason of his nationality in respect of any conditions of employment and work, in particular as regards remuneration, dismissal and, in the event of unemployment, reinstatement or re-employment.

In the event of dismissal of an employee and accusing the employer of discrimination, there is a burden of proof provided for in Article 6 of the Civil Code, according to which the burden of proof of a fact rests on the person who derives legal consequences from it. The burden of proof in such a situation consists in the employee presenting material facts, thanks to which it will be possible to presume that discrimination actually occurred. In order to avoid liability related to this, the employer should present evidence contrary to the presumption in order to prove that the employee was not discriminated against. According to Article 18^3d) of the Labour Code, a person against whom the principle of equal treatment has been violated is entitled to compensation in an amount not lower than the minimum wage.

In the case law relating to the termination of an employment contract due to a discriminatory reason on the part of the employer, if there is a conflict of claims for compensation under Article 45 and Article 18^3d of the Labour Code, the employee may claim two types of compensation:

1) for unlawful (discriminatory) termination of employment

2) for compensation for violation of the principle of equal treatment in employment.

It should be remembered that persons working under an employment contract have the same rights as persons of Polish origin, including:

• They have equal rights
• They have the right to rest
• They have the right to be provided with safe and hygienic working conditions
• They have the right to improve their professional qualifications
• They have the right to the protection of employees during pregnancy and maternity leave
• They have the right to the proper amount of salary and overtime allowance.

Risk of committing an unlawful act related to discrimination at work – criminal liability

According to the Penal Code, Article 119 § 1 applies, which may refer to an employer who uses violence or makes unlawful threats against a person or group because of their national, ethnic, racial, political, religious affiliation or because of their lack of religious beliefs, shall be subject to a penalty of imprisonment from 3 months to 5 years.

Another provision providing for criminal liability related to discrimination is Art. 123 of the Act of 20 April 2004 on the promotion of employment and labour market institutions, which states that the refusal to employ a candidate for a vacant job or vocational training position is subject to a fine of no less than PLN 3,000 if the refusal is caused by the candidate’s gender, age, disability, race, religion, nationality, political beliefs, ethnic origin, denomination or sexual orientation.

Applicable court rulings

Citizenship cases

1. The judgment, file reference III PK 11/16, concerned a Ukrainian citizen who claimed compensation from the Public School Complex in C in the amount of PLN 6,400 in connection with the violation of the principle of equal treatment. According to the court, the school violated the principle of equal treatment due to the criterion of citizenship due to origin from “third” countries. The provisions of the Labor Code list nationality among the prohibited criteria. However, nationality and citizenship are not identical concepts. Despite the lack of mention of citizenship in the above provisions, it can also be considered as an unlawful criterion of a directly discriminatory nature. In such a case, the employee was entitled to compensation provided for in § 18d of the Labor Code.

2. The judgment II PK 31/18 concerned differences between employees’ salaries related to their citizenship. People with Polish citizenship received their salaries in złoty, while those with German citizenship received their salaries in euro, which caused a large disproportion between employees. The court conducted an analysis of salaries, which showed that citizenship clearly affected the remuneration received by employees. The thesis of the judgment is to confirm that the employer’s conduct constitutes discrimination.

Artykuł Discrimination in the Polish Labor Code pochodzi z serwisu KIELTYKA GLADKOWSKI LEGAL | CROSS BORDER POLISH LAW FIRM RANKED IN THE LEGAL 500 EMEA SINCE 2019.

Alternative investment companies are a specific form of investment activity introduced into the Polish legal system within the framework of the provisions on investment funds, and specifically in the context of managing alternative investment funds. These regulations are contained in the Act of 27 May 2004 on investment funds and the Act of 22 July 2005 on the management of alternative investment funds, Journal of Laws 2024.1034. AIICs are therefore a specific form of asset management that creates the possibility of investing in alternative assets, such as real estate, private equity, raw materials or debt, while maintaining high flexibility in terms of investment strategies.

Legal Basis for Alternative Investment Companies

Alternative investment companies are regulated in the Polish legal system by the aforementioned acts on investment funds and on the management of alternative investment funds. In particular, their functioning is associated with the appropriate transformation of the legal form of investment funds, which can operate as capital companies. This means that Alternative Investment Companies are joint-stock companies or limited liability companies that can invest in a wide range of alternative assets.

Pursuant to Article 8a of the Act, alternative investment companies may conduct business in two forms, namely as:

– limited liability companies, joint-stock companies or European companies;

– limited partnerships or limited joint-stock partnerships in which the sole general partner is a limited liability company, joint-stock company or European company.

Key Features of Alternative Investment Companies

Legal form: According to the Investment Funds Act, alternative investment companies may take the form of a joint-stock company or a limited liability company. This means that investors acquire shares or stocks in such companies, which then invest these funds in accordance with a specific investment strategy.

Investment scope: Alternative investment companies, in accordance with the Act on the Management of Alternative Investment Funds, have the ability to invest in a wide range of assets, including:

– Real estate,

– Unlisted companies (private equity),

– Raw materials (e.g. gold, oil),

– Debt instruments (e.g. investments in corporate debt),

– Derivatives and other non-standard assets.

The Investment Funds Act provides great flexibility in the selection of investment instruments, which allows for the implementation of more complex investment strategies.

In accordance with Article 8b of the Act of 27 May 2004 on Investment Funds and the Act of 22 July 2005 on the Management of Alternative Investment Funds (AIF), Journal of Laws 2024, item 1034,

Alternative investment companies are managed by a so-called investment fund manager, which in the case of alternative investment company plays a role equivalent to the management board of an investment fund. In managing this fund, it is important that the people responsible for investment decisions have the appropriate qualifications and experience, and also comply with the requirements related to capital market regulations. Fund managers have an obligation of transparency, responsibility and compliance with legal regulations.

Participant Restrictions: In the case of alternative investment companies, as in other investment funds, there are specific regulations regarding the group of investors. According to the Act on the Management of Alternative Investment Funds, alternative investment companies are intended mainly for professional investors who meet certain criteria, such as the minimum investment value or the status of a professional investor (e.g. financial institutions, wealthy individual investors). Such funds are not aimed at the general public.

According to art. 8c of the Act, an investor in an alternative investment company is an entity that holds participation rights in an alternative investment company and meets the criteria of a professional client. The criteria of a professional client shall not apply if the alternative investment company has obtained the authorization referred to in art. 5 sec. 1 of the Regulation 2015/760 on European long-term investment funds, OJ EU.L.2015.123.98 of 2015.05.19.

The participation rights of an alternative investment company are, respectively, a share in the company and a stock.

In the case of a limited partnership and a limited joint-stock partnership, participation in a company is understood as all the rights and obligations of a partner in the company.

An entity meeting the criteria of a professional client may make a contribution to an alternative investment company in exchange for participation rights in that company.

The subject of a contribution to an alternative investment company operating in the form of a limited partnership may not be an inalienable right or the provision of work or services.

The alternative investment company manager who manages an alternative investment company investing assets in shares of companies admitted to trading on a regulated market shall prepare and publish an engagement policy that describes how the engagement of shareholders of such companies is taken into account by the alternative investment company in its investment strategy. The manager of an alternative investment company shall prepare and publish an annual report on the implementation of the policy. The report shall include in particular:

– general description of voting procedure;

– description of the most important votes;

– description of the method of using the services of a shareholder voting advisor, referred to in Article 4 § 1 item 16 of the Commercial Companies Code, Journal of Laws 2000 No. 94 item 1037.

An alternative investment company may be marketed among:

– professional clients;

– retail clients – in the event that it has obtained the authorisation referred to in Article 5 paragraph 1 of Regulation 2015/760.

The manager of an alternative investment company is obliged to notify the Commission in writing of the intention to introduce an alternative investment company to trading in the territory of the Republic of Poland.

Capital

Initial capital for conducting business activity:

– in respect to externally managed alternative investment company – amounts to at least the equivalent of EUR 125,000 expressed in PLN,

– in respect to internally managed alternative investment company – amounts to at least the equivalent of EUR 300,000 expressed in PLN;

– using the average exchange rate announced by the National Bank of Poland on the last business day preceding the date of submission of the application for a permit to perform business activity by the manager of the alternative investment company.

Initial capital shall be understood as the sum of the share capital in the amount in which it was paid up together with the issue premium, undistributed profits from previous years, as well as the net profit in the process of approval, provided that this profit results from the financial statements audited by a statutory auditor, and the reserve capital, reduced by the uncovered loss from previous years.

Benefits and Challenges of Alternative Investment Companies

Benefits

Flexibility in asset selection – Alternative investment companies have the ability to invest in a wider range of assets than traditional investment funds. This includes the ability to invest in real estate, private equity, venture capital or commodities, which allows for greater diversification of the investment portfolio.

Tax benefits – the Investment Funds Act provides tax preferences for alternative investment companies, which means that profits earned by these companies may be exempt from income tax, provided that the company meets certain conditions regarding the investment structure and activities.

Access to Niche Markets – Alternative investment companies can invest in assets that are hard to access or non-traditional in traditional markets, giving investors the opportunity to participate in profitable but riskier markets.

Challenges

Higher risk – Due to their flexibility in asset selection, alternative investment companies often invest in riskier assets, which is associated with a higher potential return, but also with greater risk. Risk can also result from the illiquidity of some of the assets in which these companies invest.

Lack of liquidity – Many of the investments of alternative investment companies (e.g. real estate and private equity) are illiquid. This means that investors may have difficulty selling their holdings in the short term, which may limit their ability to exit their investment if necessary.

Regulatory Complexity – Managing alternative investment funds involves meeting specific regulatory requirements, both domestic and EU.

Summary

Alternative investment companies are an attractive form of investment that offers great flexibility in terms of asset selection and investment strategies. Based on the provisions of the Act on Investment Funds and on the Management of Alternative Investment Funds, alternative investment companies can invest in a wide range of alternative assets, which allows for the implementation of complex investment strategies, but at the same time involves higher risk. For this reason, alternative investment companies are mainly aimed at professional investors and require extensive experience in investing.

Artykuł Alternative Investment Companies – practical comments pochodzi z serwisu KIELTYKA GLADKOWSKI LEGAL | CROSS BORDER POLISH LAW FIRM RANKED IN THE LEGAL 500 EMEA SINCE 2019.

On January 15, 2024, there will be held the event KRAKÓW: City – space for business. Synergy for the reconstruction of Ukraine. The event is organized by the Polis-Ukrainian Chamber of Commerce within the framework of the social campaign “Partnership and Employment” and the project “Work for Reconstruction of Entrepreneurship in Ukraine.” The event will provide a unique platform for diverse professionals, thought leaders, and stakeholders to come together and discuss critical issues surrounding urban development, business opportunities, and collaborative efforts for the reconstruction of Ukraine. The conference will cover a wide range of topics such as urban planning, sustainable development, and the role of businesses in contributing to the reconstruction efforts in Ukraine. Renowned experts and speakers will share valuable insights, best practices, and innovative ideas, fostering a rich exchange of knowledge and experience. Participation in the Conference will be an enriching experience. The insights we will gain and connections made will undoubtedly contribute to our professional growth. The event will be participated by Weronika Mazurek on behalf of KIELTYKA GLADKOWSKI KG LEGAL.

• Pharmacy Advertising in the European Union, with a Focus on Poland after the CJEU Judgment of 19 June 2025
  March 25, 2026
  Publication date: March 25, 2026 Poland has for years represented one of the most restrictive approaches in Europe. That is precisely why the recent judgment of the Court of Justice of the European Union in Commission v Poland, delivered on 19 June 2025 in Case C-200/24, is so important. It does not only affect one […]
• KG Legal Kiełtyka Gładkowski at the Jagiellonian University Job Fair – March 26, 2026
  March 25, 2026
  Publication date: March 25, 2026 On March 26, 2026, our law firm, KG Legal Kiełtyka Gładkowski, will participate in the annual Job Fair organized by the Jagiellonian University. The event will take place from 10:00 a.m. to 3:00 p.m. at the Jagiellonian University Auditorium Maximum at 33 Krupnicza Street. The Jagiellonian University Job Fair is […]
• KG Legal KIELTYKA GLADKOWSKI in the Legal 500 2026 Ranking – Confirmation of International Capabilities
  March 25, 2026
  Publication date: March 25, 2026 On 25 March 2026, the latest edition of the Legal 500 EMEA ranking – one of the most prestigious legal directories worldwide – was officially published. We are pleased to announce that KG Legal Kiełtyka Gładkowski has once again been recognized in the ranking – continuously since 2019 – further […]
• KG Legal Kiełtyka Gładkowski at the Conference on Cross-Regulatory Cooperation in the EU – Brussels, 17 March 2026
  March 25, 2026
  Publication date: March 25, 2026 On 17 March 2026, a conference entitled “Cross-regulatory interplay and cooperation in the EU: a data protection perspective” took place in Brussels (Borschette Center). The event focused on regulatory cooperation in the European Union from a data protection perspective and gathered representatives of EU institutions, regulatory authorities, academia, and practitioners […]
• KG Legal Kiełtyka Gładkowski na Targach Pracy Uniwersytetu Jagiellońskiego – 26 marca 2026
  March 25, 2026
  Publication date: March 25, 2026 Już 26 marca 2026 r. nasza kancelaria KG Legal Kiełtyka Gładkowski weźmie udział w corocznych Targach Pracy organizowanych przez Uniwersytet Jagielloński. Wydarzenie odbędzie się w godzinach 10:00–15:00 w Auditorium Maximum UJ przy ul. Krupniczej 33. Targi Pracy UJ to jedno z najważniejszych wydarzeń rekrutacyjnych w Krakowie, gromadzące pracodawców z wielu […]
• Import tax and works of art in Poland
  March 16, 2026
  Publication date: March 16, 2026 The concept of import tax According to Article 2, point 7 of the Polish Value Added Tax Act of 11 March 2004, the import of goods should be understood as “the import of goods from a third country into the territory of the European Union.” Generally speaking, import taxes are […]
• BIS 50% rule – what it means for cross border business
  March 16, 2026
  Publication date: March 16, 2026 The U.S. Bureau of Industry and Security (BIS) has introduced a new regulation called the 50% Rule, requiring every exporter to verify the ownership of parties to a transaction before shipping products. Previous name verification is no longer sufficient. BIS has expanded its end-user screening regulations to an unprecedented range […]
• The new important position of the Polish Minister of Health regarding the authorization to perform aesthetic and remedial medicine procedures
  March 16, 2026
  Publication date: March 16, 2026 The Polish Ministry of Health has published an official announcement (January 30, 2026) in which it explains its interpretation regarding aesthetic and remedial medicine procedures (i.e. treatments such as Botox, hyaluronic acid, mesotherapy, lasers, etc.). In Poland, aesthetic medicine began to develop dynamically in the 1990s. During this period, the […]
• Can an online auctioneer charge the maximum amount set by a bidder if the amount of the item being bid is less than the last bid?
  March 12, 2026
  Publication date: March 11, 2026 Regulation of concluding a sales contract by auction according to the Civil Code Pursuant to Article 701 of the Polish Civil Code, a contract – including a sales contract – may be concluded through an auction or a tender. These two distinct contract-formation methods are distinguished by their specific characteristics, […]
• The legal situation of advertisements of pharmacies and pharmacy outlets in Poland – expected changes to liberalize advertisement of pharmacies
  March 11, 2026
  Publication date: March 11, 2026 Since January 1, 2012, a complete ban on advertising pharmacies and pharmacy outlets has been in effect in Poland. Information limited to the location of a pharmacy or pharmacy outlet and its opening hours is not considered advertising. Consequently, this ban covers not only advertising the pharmacy itself but also […]

Artykuł <strong>KIELTYKA GLADKOWSKI KG LEGAL TAKES PART IN THE EVENT “KRAKÓW: City – space for business. Synergy for the reconstruction of Ukraine”, January 15, 2024</strong> pochodzi z serwisu KIELTYKA GLADKOWSKI LEGAL | CROSS BORDER POLISH LAW FIRM RANKED IN THE LEGAL 500 EMEA SINCE 2019.

The Polish National Fund for Environmental Protection and Water Management has announced another call for applications for co-financing under the priority program Energia Plus. Entrepreneurs can apply for co-financing, e.g. to renewable energy sources.

The goal of the Energia Plus program is to reduce the negative impact of enterprises on the environment by supporting investment projects. The budget allocated to support investments in the fourth call for proposals has just been announced and amounts to PLN 566.9 million.

The co-financing may be used by entrepreneurs within the meaning of the Entrepreneurs’ Law Act conducting business activity.

While the Energia Plus program assumes partial granting of co-financing in the form of non-repayable grants, the fourth call for proposals will cover only co-financing in the form of preferential loans. The co-financing conditions are to be subject to negotiations between the National Fund for Environmental Protection and Water Management and the beneficiaries each time.

What does the co-financing concern?

• Construction, extension or modernization of existing production installations or industrial equipment, leading to a reduction in the consumption of primary raw materials (as part of own production lines), including by replacing them with secondary raw materials, waste or leading to a reduction in the amount of waste generated.

The funds obtained from the Energia Plus IV program can be used for the following projects:

• Projects leading to the reduction of harmful emissions into the atmosphere from combustion plants indicated in Directive 2015/2193 on the limitation of emissions of certain pollutants into the air from medium combustion plants (MCP Directive) – at least to the emission standards resulting from this directive.

• Projects aimed at improving air quality by reducing emissions from fuel combustion sources with a total fuel capacity of more than 50 MW – at least to the national emission standards for installations of such capacity or levels resulting from Best Available Techniques (BAT) conclusions, if they are specified for these sources, including, for example: modernization of equipment or equipping fuel combustion installations with devices or installations to reduce gaseous and particulate pollutant emissions. A combustion source is understood as a stationary technical device in which the combustion of fuels with a fuel capacity greater than 1 MW takes place.

• Projects aimed at improving air quality by reducing emissions to the atmosphere from industrial activities (not directly related to fuel combustion sources).

• Projects in accordance with the announcement of the Minister of Climate and Environment of November 30, 2021 on a detailed list of projects to improve energy efficiency, aimed at improving energy efficiency, as well as technological changes in existing facilities, installations and technical devices, with the exception of: modernization or replacement of devices used to transport products and semi-finished products as part of the technological process (e.g. forklift trucks, technological haulers or goods lifts), devices intended for home use (e.g. washing machines, dryers, dishwashers, refrigerators, cookers or ovens) and vehicles for road or rail transport.

• Projects related to the construction or reconstruction of generating units, including their connection to the distribution/transmission grid, in which the following are used to produce energy: a) energy from renewable sources, b) waste heat, c) heat from cogeneration, excluding heat generated in a coal-fired cogeneration unit, d) low-emission gaseous fuels, gas mixtures, synthetic gas or hydrogen.

• Modernization/expansion of heating networks.

Deadlines and amounts

Applications in the fourth call for proposals in Energa Plus will be available from February 1, 2023 to December 13, 2024 or until the allocation of funds is exhausted.

The implementation of the Energia Plus program is planned for the years 2019–2030, with the signing of contracts to be completed in 2027, and the funds to be spent by the end of 2030.

The total budget of Energia Plus is PLN 4 billion, of which PLN 3.95 billion is earmarked for repayable forms of financing, and PLN 50 million for non-repayable subsidies.

Artykuł <strong>FINANCING FOR RENEWABLE ENERGY RESOURCES COMPANIES IN POLAND. CALL FOR APPLICATIONS HAS STARTED</strong> pochodzi z serwisu KIELTYKA GLADKOWSKI LEGAL | CROSS BORDER POLISH LAW FIRM RANKED IN THE LEGAL 500 EMEA SINCE 2019.